Tut Systems SMS2000 manual Or Operator, Parenthesis, Expression and expression

Page 67

Service Creation Using Groups and Rules

“not mac=00:11:22:33:44:55” applies the rule so long as the MAC address of the unit is not the given address. In other words, it applies to every computer in the world but one.

The AND Operator

The “AND” operator is used to group two or more expressions of any type so that the rule applies if both the expression on the left of the “AND” and the expression on the right of the “AND” are true.

expression AND expression

For example:

“tut=123.123.123.123-001-001 AND mac=00:11:22:33:44:55” applies if a device with a MAC address of 00:11:22:33:44:55 connects on slot 1 and line 1 of the Expresso GS/MDU Chassis or MDU Lite at IP 123.123.123.123. If that device is in a different place (with the same MAC), then the rule does not apply. If a device with a different MAC connects on the given port, the rule also does not apply.

“tut=123.123.123.123-001-001 AND mac=00:11:22:33:44:55 AND ip=123.123.123.5” applies only if a device connects to slot 1, line 1 of an Expresso GS/MDU Chassis or MDU Lite at 123.123.123.123, and that device has a MAC of 00:11:22:33:44:55, and that device has an IP of 123.123.123.5. If any one of these is not true, then the rule does not apply.

The OR Operator

The “OR” operator is used to group two or more expressions so that a rule will apply if any of those expressions is true.

expression OR expression

For example:

“mac=00:11:22:33:44:55 OR ip=123.123.123.5” applies either if a device has the given MAC address or its IP address is 123.123.123.5.

Parenthesis

Managers can use parenthesis to logically group expressions to ensure the precedence of operators.

(expression)

(expression OR expression) (expression AND expression)

For example:

“(tut=123.123.123.123-001-001 AND mac=00:11:22:33:44:55) OR ip=123.123.123.5” means that this rule applies if the computer is connected at the given tut location using the given MAC, or if the user is connecting (with any mac and from any location) using the given IP address.

TUT Systems, Inc

Page 67 of 104

P/N 220-06288-20

Image 67
Contents TUT Systems SMS2000 User Guide SMS2000 User’s Guide SMSUser’s Guide Contents Connectivity and Testing Configuring SmtpConfiguring NTP Configuring Snmp PollingAuthorization Authentication Configuring the Command ServerAuthentication Authentication with RadiusSMS2000 Rules Using Rule PrioritiesConfiguring Radius GroupsSMS2000 Status Attributes and Statistics Using Both Radius and OCS AuthenticationWeb Proxy Settings SMS2000 Troubleshooting ProceduresList of Tables Radius Attributes in Access-Accept PacketsList of Figures Related Documentation PrefaceAudience Documentation available for this ReleaseIntroduction Subscriber Management FeaturesIntroduction Subscriber Management Components Subscriber Management ComponentsOCS SMS2000Introduction User Interface Getting StartedStyle Conventions Accessing Help for CommandsFor example restore config web original-confi g Ifconfig portnumber ipaddress /masklenCursor Motion Keystrokes Cursor MovementEstablishing a Connection Via a Serial Interface Initial ConfigurationClick Configure Establishing a Connection with the SMS2000Establishing a Connection Via Telnet Initial Configuration Changing Your Password Initial ConfigurationSetting the Quick Configuration Disabling Authentication Setting the HostnameSaving the Configuration Verifying the Configuration Rebooting the SystemReboot Set config-mailrecipient@SMTPserver SMTPserver System AdministrationConfiguration E-Mail Settings Setting the Default Configuration E-mailCommitting Configuration Changes Configuration and System File ToolsMailing the Current Configuration Deleting the Configuration E-mailCommit noauto Automatically Committing Configuration ChangesDisabling Automatic Configuration Changes Commit autoLoading a Configuration File Saving a ConfigurationRestoring a Previous Configuration Deleting the Smtp Server Configuring SmtpRestoring the Default Configuration Setting the Smtp ServerSet smtpid on off Configuring NTPSetting the Smtp ID Setting the TimezoneEnabling Snmp Polling Configuring Snmp PollingConfiguring the NTP server Setting the TimeDisabling Snmp Polling Testing to See if Snmp Polling will WorkSnmp-pollmacaddress System Tools Connectivity and TestingTesting Connectivity Setting Specialized System OptionsPort-definition mixed tut vlan Setting and Deleting Static PortsDefining Ports Leftrighthelp ?Displaying Log Messages Disconnecting a Session on a PortSetting the Syslog Server Event TrackingDisplaying Version Information System Administration ToolsExiting the Management Session Keys Changing a PasswordDisplaying Control Keys PasswdSnmp System Location Snmp ManagementSnmp Agent Snmp System ContactSnmp Trap Recipient Snmp CommunityShow snmp trap-recipient Troubleshooting ToolsSystem Information Tools SMS2000% snmp delete trap-recipientSetting the ARP Polling Period Subscriber Connectivity CommandsUpgrades Setting the ARP Failure LimitArchiving SMS2000 Firmware and distributing it from a Server Upgrading from Tut Systems’ WebsiteReturning to an Older Firmware Version Verifying a Successful UpgradeLoading Another Image System Administration Authentication AuthenticationAdding the OCS as the Authentication Server Configuring the Command ServerSetting the Command Server for OCS Interaction Deleting the Command ServerAuth on Deleting an Authentication ServerTesting Authentication Auth add web url secret secret cmd-servAuth interval minutes off Setting the Authentication IntervalBypassing Authentication Auth off forcedweb authokurl blockallDeleting the Http Request Throttle Setting the Http Request ThrottleHttp Request Throttle Allow-NetsSet allow-netipaddress netmask dns-name Setting an Allow-NetSet authok url Setting the Automatic Redirection URLAutomatic Redirection URLs Deleting an Allow-NetDelete authok Authentication with RadiusDeleting the authok Adding a Radius ServerSyntax Description CommandDefault retrans-primary-only is DefaultUsage Guidelines Example Set nas-port-type integer Set NAS port type parameterSet nas-port-type Show status radius Example Testing Authentication on the Radius ServerConfiguring a Radius SSL Back Channel Show status radiusServer Functionality AuthorizationAuthorization AuthorizationAccounting AccountingSending Accounting Messages to a Syslog Server Deleting a Radius Accounting Server Radius Accounting ConfigurationConfiguring Accounting Parameters Sending Accounting Messages to a Radius ServerProvisioning ProvisioningBilling BillingGroup add groupname noinherit inherit groupname Service Creation Using Groups and RulesGroups Adding a GroupDeleting a Group Setting the Active Group ContextSubscribers that Cannot Support Authentication Setting Maximum Users Per PortSet rule rulename groupname priority rulestring SMS2000 RulesAdding a Rule Deleting a RuleIp=ipaddress ,netmask Rule Expression ComponentsIP Address MAC AddressVlan=vlanida-vlanidb Not OperatorTut=ipaddress-linenum*-portnum Expression and expression OperatorOr Operator ParenthesisUsing Rule Priorities IP Addressing IP AddressingPlug and Play With NAT Dhcp Pools Static Routable AddressesIP Multicasting Static Non-Routable AddressesIptype default NAT static Dhcp 1to1 1to1Unique Configuring IP TypesUnderstanding 1to1 and 1to1 Unique IP Types Set source-netstartaddress endaddress subnet-mask Setting a Source-NetDeleting a Configured Source-Net Source-NetsDhcp-server release macaddress Setting the DNS Server AddressCreating Dhcp Pools Removing a Dhcp AssignmentSet dns add ipaddress Static RoutesDeleting the DNS Server Address Adding RoutesPrinting Setting up the LPR HostSet lpr hostname off queuename maxpages maxbytes Configuring Radius Using SMS2000 with a Radius ServerObtaining the Radius Server Software Adding the SMS2000 as a Client on the Radius Server Configuring Service ParametersAdding Users to the Radius Server Radius Ports Using Real IP AddressesSMS2000 NAS File SMS2000 Status Attributes and StatisticsRadius Attributes Sent in Accounting Messages Radius Attributes Sent In Access Request Packets Using Both Radius and OCS AuthenticationRadius Attributes Received in Access- Accept Packets Shape xbps/rbps delete Setting Traffic ShapingDeleting Traffic Shaping Shape xbps/rbpsSMS2000 and Property Management Systems PMS Setting the PMS ServerTTY ACK-NAK ENQ-ACK-NAK Protocol ModesENQ-ACK-NAK Mode Loading Web Pages or Files Customizing SMS2000 Web Authentication with RadiusLoading and Deleting Customized Web Pages Files For GroupsPath Components Load web url defaultsImage Links Preserving the Web Form Customizing Web PagesUpgrading Deleting Web Pages or FilesWeb Page Redirection Size For Web Pages and External LinksViewing Customizations Active Page ComponentsReference Setting the Wpad Timeout Configuring Web Proxy SettingsWeb Proxy Settings Setting the Wpad CurlWeb Proxy Server Delete proxy-ports port Set proxy-ports portShow proxy-ports SMS2000 Troubleshooting Procedures SMS2000 TroubleshootingUnable to do credit card Snmp PollingMultiple frames opened BrowserLine Verify OCS screens offRadius Attributes in Access-Accept Packets Appendix a Radius Access-Accept Dictionary FileAppendix Appendix TUT Systems, Inc 100 Equipment Return and Repair Appendix B Technical Assistance and Customer SupportTechnical Support Internet TelephoneExclusive Remedies Appendix C SMS2000 Limited WarrantyHardware Limited Warranty Limitations of WarrantyFCC Radio Frequency Interference Statement Electrical Safety AdvisoryTut Systems, Inc., Customer Service Department AssistanceTUT Systems, Inc 104