Allied Telesis AT-WA1104G-10 manual Radius

Page 34

 

 

 

 

 

 

 

 

Features in 291-08

 

 

 

34

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CR

Module

Level

Description

AR400

AR7x5

AR7x0S

Rapier i

 

Rapier w

AT8800-

AT-8600

 

AT-8700XL

x90048-

AT-9900

AT-9800

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CR00016662

 

-

This software release supports the new x900-48FS switch. For an overview

-

-

-

-

 

-

-

-

 

-

Y

-

-

CR00016891

 

 

of the switch, see “Support for the new x900-48FSswitch—CR00016662”

 

 

 

 

 

 

 

 

 

 

 

 

 

CR00017335

 

 

on page 92.

 

 

 

 

 

 

 

 

 

 

 

 

 

CR00017937

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CR00016913

PPP

-

This enhancement enables the PPPoE client to establish a session promptly

Y

Y

Y

Y

 

Y

Y

-

 

-

Y

Y

Y

 

 

 

after a restart or power cycle. This is done by sending a PPPoE Active

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Discovery Terminate (PADT) frame in response to a frame received with an

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

unknown PPPoE session ID.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CR00017197

SSH, User,

-

SSH sessions to the router or switch can now be authenticated via RADIUS.

Y

Y

Y

Y

 

Y

Y

Y

 

Y

Y

Y

Y

 

RADIUS

 

The router or switch attempts to authenticate an SSH user via RADIUS if the

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

user to be authenticated is not configured in the local user database and

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

the router or switch has RADIUS configured.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CR00017395

Firewall

-

This enhancement enables the firewall to establish accurate MSS

Y

Y

Y

Y

 

Y

Y

-

 

-

-

-

Y

 

 

 

(Maximum Segment Size) values for TCP sessions without using the MTU

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

discovery process. MTU discovery depends on ICMP error packets, so does

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

not work in networks that do not forward ICMP error packets.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

To enable this feature, use the command:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

enable firewall policy=name adjusttcpmss

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

The adjusttcpmss parameter enables the firewall to adjust the MSS value

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

stored inside incoming TCP SYN packets, to reflect the lower of the two

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

MTU values on the ingress and egress interfaces. Normally, for example, if

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

a TCP SYN packet arrives from an interface with an MTU of 1500 and leaves

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

on an interface with an MTU of 1000, the MSS inside the SYN packet will

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

remain at 1460. When this feature is enabled, the MSS will be adjusted to

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

960 because the firewall knows that the egress interface has a smaller

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

MTU. Note that the firewall does not change the original MSS value if it is

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

already lower than the values of the ingress and egress interfaces.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

To disable this feature, use the command:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

disable firewall policy=name adjusttcpmss

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

This feature is disabled by default.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Version 291-10

C613-10488-00 REV G

Page 33 Page 35
Image 34
Page 33 Page 35
Contents Maintenance Version Models Series Release File Date Size bytes GUI fileEnabling and Installing this Release Enabling and Installing this ReleaseLevels Levels3Snooping SwitchingIP Gateway CR00018691 ModuleCR00018663 CR00018693CR00018514 Module Level Description CR00018530CR00000484 Policy attack commandCR00000444 CR00001231Protocol=any and ipprotocol=icmp VlanInstall, MIB VPN, GUI Create config TTYIgmp PIM6 Isakmp CR00016989 CR00016985ATM CR00017081CR00017255 CR00017226CR00017227 CR00017256CR00017456 CR00017368QoS CR00017488CR00017659 CR00017518CR00017634 CR00017662Show config dynam or saved by the command create config PIMCommand add fire policy=name rule=number act=allow int=int File GUIBridge Install, Snmp Install CR00011223 CR00010979CR00010984 CR00011259Ping Conf dyn=ipCR00013635 CR00013494CR00013543 MaxttlCR00014103 CR00013832CR00013920 CR00014137CR00014879 CR00014304CR00014330 CR00015466CR00016735 CR00016452CR00016578 CR00016925Authentication GUI, SwitchCR00016099 CR00012822Process counters MacffRadius WAN Load CR00017482CR00017532 CR00017701Carried out correctly Have been. This could cause serious routing issuesCR00017869 CR00018039Enhancements CR00010003 You enable the firewall session licenseCR00007737 CR00011533CR00013500 CR00012980CR00013041 CR00013527CR00015736 CR00015569CR00015592 CR00015822DHCPv6 GUI, Firewall ConfigSYN CR00016379 CR00016364CR00016365 CR00016394CR00016576 CR00016489CR00016526 CR00016621Isdn CR00017006 CR00016940CR00016941 CR00017031VLAN, Igmp CR00017257 CR00009036 System temperature commandCR00008225 CR00010518PIM, PIM6 Switch, MIB AsynType=temporary CR00016228CR00016463 CR00016799CR00013976 CR00000396CR00011560 CR00015543CR00015432 CR00014288CR00014667 ADSL, GUIAddress of the policy CR00016150Create isakmp policy=name other parameters CR00016221CR00016361 CR00016234CR00016285 Cu SFPsStatus in the entry labelled Main fan CR00016459CR00016523 CR00016785 CR00016758CR00016776 CR00016977CR00013813 CR00013787Logging CR00013963CR00016314 Was enabled enable bgp autosoftupdateCR00014145 CR00010511IGMP, Vlan EthernetCR00014298 CR00014228CR00014269 CR00014323CR00014795 CR00014714CR00014748 CR00014834Switch, Macff CR00015474 CR00015348CR00015396 CR00015638CR00015971 CR00015936CR00015949 CR00015937CR00009274 CR00007000GUI, Igmp CR00009302CR00012230 Using igmpproxy=offCR00010136 CR00012493CR00012858 CR00012585CR00012832 CR00013150CR00014038 CR00013629CR00013694 CR00014047GUI, Log CR00014659 CR00014328CR00014652 CR00014724PIMv6 CR00015159 CR00015148CR00015155 CR00015258CR00016058 CR00015666CR00015798 CR00015915CR00009087 Disable debug activeCR00004677 Core, UtilityCR00013112 CR00012602CR00013045 CR00013188CR00013589 Command create config, set summertime came before enableCR00013463 CR00013640Ddns VLAN, Bridging CR00014750CR00014778 CR00015080Many Ways System LED flashes in a single flash pattern Main chassis fan in the output of the show system commandCR00013992 CR00014067CR00014172 DELete BOOTp RELAy=ipadd INTerface=interfaceCommand SHow BOOTp RELAy CR00014238CR00014241 MAC-forced forwarding CR00014300CR00014354 DNS CR00014715CR00014728 CR00015269 CR00014845CR00015628 CR00015102 Caused the switch to reboot This issue has been resolvedCR00014960 CR00015585Queues of buffer resource CR00015678CR00013270 CR00014306Snooping CR00014959Associated with that traffic class or flow group CR00015510CR00014222 Igmp queries, PIM messages, Ospf messages, and RIP messagesSupport for the new x900-48FS switch-CR00016662 Support for the new x900-48FS switch-CR00016662Igmp snooping fast leave in multiple host mode-CR00017482 Igmp snooping fast leave in multiple host mode-CR00017482Igmp Snooping Support for the new Rapier 48w switch Support for the new Rapier 48w switchBacking up the configuration with SNMP-CR00016221 Backing up the configuration with SNMP-CR00016221Set the load parameters Upload the file Bits Value decimal Value hex Asnberpadding setting Encoding Snmp ASN.01 BER Padding-CR00016523
Top Page Image Contents