Working with RADIUS attributes
Colubris AV-Pair - Site attribute values
15-38
Syntax
access-list=
listname[,OPTIONAL],action,protocol,address,port[,account[,interval]]
use-access-list=uselistname
default-user-access-list=uselistname
use-access-list-unauth=uselistname
Note You can use spaces as separators instead of commas.
Where:
Parameter Description
listname
Specify a name (up to 32 characters long) to identify the access list
this rule applies to. If a list with this name does not exist, a new list
is created. If a list with this name exists, the rule is added to it.
uselistname
Specify the name of an existing access list. This list is activated for
the current profile. Lists are checked in the order they are activated.
OPTIONAL
Allows the access list to be activated even if this rule fails to
initialize. For example, if you specify a rule that contains an address
which cannot be resolved for some reason, the other rules that make
up the access list will still be initialized. If you do not specify
optional, a failed rule will cause the entire list to fail.
Critical access list definitions (such as for a remote login
page, certificates) should not use the OPTIONAL setting
because if these definitions fail to initialize there will be no
indication in the log.
action
Specify what action the rule takes when it matches incoming traffic.
The options are:
ACCEPT - Allow traffic matching this rule.
ACCEPT-MORE - Allow traffic matching this rule and allocate
extra connections (when required) to enable users to connect
with the specified address.
By default the controller allows up to 200 TCP or UDP
connections per authenticated or unauthenticated user. If a user
has exceeded this connection limit, this parameter allows the
controller to permit extra connections from the user when
connecting to the specified destination. Connections are
assigned from a global pool of 100 connections.
To Next Page
Loading...
Need help?
General
