CHAPTER 1: INTRODUCTION AUTHENTICATION OPERATIONS

RP[] affects port-less addresses specified in the RV[] command as well.

For RA[], each IP address is separated by a semi-colon;’ and the first IP address will be tried for each new connection attempt. When the main IP address fails to respond, the next IP address in the list will be tried, and so on, if it fails. After the last IP address is tried, the logic will continue from the first IP address again. A retry attempt on the main IP address is subject to the RR[] Reconnect time. After any disconnection, the logic will always begin with the main IP address as its first attempt.

For RV[], sets of R3000 addresses are specified based on an IP range that matches the client’s IP address; multiple destination R3000 addresses may be used in each set and will have the same functionality as multiple destinations specified in the RA[] parameter. Each set is surrounded by parentheses ‘( )’s, and sets are separated by commas ‘,’. Any local client IP address that does not match any set will use the RA[] address. Sample format:

RV[(102.108.1.0-102.108.1.255;1.1.1.1;2.2.2.2),(102.108.2.0- 102.108.2.255;3.3.3.3:222)]

In this example, a client with an IP address of 102.108.1.5 would try to connect to 1.1.1.1 using the RP[] port (2.2.2.2 as the backup). A client with 192.168.2.15 would try to connect to 3.3.3.3 port 222, which has no backup.

Any local address that would end up connecting to 0.0.0.0 will not be observed by the 8e6 Authenticator. This allows RV[] to allow only specified ranges of IP addresses to be observed by the 8e6 Authenticator.

8E6 TECHNOLOGIES, R3000 ENTERPRISE FILTER AUTHENTICATION USER GUIDE

49

Page 61
Image 61
8e6 Technologies R3000 manual RV102.108.1.0-102.108.1.2551.1.1.12.2.2.2,102.108.2.0