enable Azure MFA server to accept RADIUS attribute 31 for trusted IP evaluation.
Currently the RADIUS client must send the authenticating user's IP address via attribute 66 for Azure MFA RADIUS server to correctly evaluate trusted IP addresses. It would be tremendously helpful if that was configurable so that an admin could select a different RADIUS attribute (such as 31) for trusted IP evaluation. We use a NetScaler gateway and it will currently only send RADIUS attribute 31 (Calling-Station-Id) to the RADIUs server. Quick fix I presume!
Digital Marketing Agency Lahore commented
We are an essential class lead age association in Lahore Pakistan, offering the main lead age organizations to associations. Call us to discuss your necessities lead age organizations, lead age Pakistan, best lead age organizations, top lead age association
The concept of furniture first developed as early as 3100-2500 B.C. The first items created for household use were made of stone, as wood was not readily available during the Neolithic time period. Dressers, cupboards and beds were amongst the first forms of furniture.
kyujin Choi commented
FYI, Citrix will release 12.1 April 30, 2018 which will include attribute 66.
Stephen, can you tell me encoding type (UTF-8, MS-ANSI) and value for attribute 31? Thanks
Raised a request with Citrix to support radius attribute 66.
Time will tell if Citrix makes the change first to implement attribute 66 or if M$ will make the change to accept attribute 31.
6 months later, still waiting for this request to become a reality.
Stephen Williams commented
I have an ASA5510 that cannot be configured to send type 66 for trusted IP eval. The client IP is sent as Type 31. The following example is sent by ASA5510 and received by MFA Radius server but not recorded or acted on
Radius: Type = 31 (0x1F) Calling-Station-Id
Radius: Length = 28 (0x1C)
Radius: Value (String) =
[hex values] | ip:source-ip=99
[hex values] | .199.99.99