Authentication
SMS2000 can substitute subscriber information for replaceable parameters in the URL. For example, here the set authok command is shown using the secret as well as the blockall parameters, and a URL with parameters embedded in it which are handled during the redirect.
sms2000% set authok
http://www.myserver.com/mypath/myscript.cgi?port=$port&host=$host& mac=$mac&group=$group&origurl=$origurl&seq=$seq&sig=$sig secret mysecret blockall
Note: This can be used in conjunction with an OCS to create a free service at slower speeds, selling higher speed services through the SMS2000.
Deleting the authok Page
To delete the URL (forcedweb page) to which a subscriber is automatically redirected when authentication is complete or to which a subscriber connects if authentication is off, use this command:
delete authok
For example, To delete the URL for subscriber access, type:
sms2000% delete authok
Authentication with RADIUS
Note: A RADIUS accounting server must be separately configured if RADIUS accounting is desired.
Adding a RADIUS Server
Use the auth add radius command to configure a RADIUS server as the authentication server for the current group. When a subscriber connects to the SMS2000, he is automatically redirected to a login page, which requires a user name and password. This information is sent to the configured RADIUS server. If the server approves, the subscriber is granted access, and accounting information is automatically sent to the RADIUS accounting server.
Beginning with the 2.3.6 release of SMS software, many RADIUS attributes and additional features have been added.
For example:
•Add multiple RADIUS servers for
•Add Alias IP addresses for clustered RADIUS Servers
•Configure retransmission, deadtime, and timeout timers
TUT Systems, Inc | Page 52 of 104 | P/N |