Setting the default-service authentication mode | ADC SG-1 specification

Chapter 7: Second Level Commands

June 30, 2006

Setting the default-service authentication mode

Host(config)# def-service-auth

When using authentication by username and password two protocols are available:

•PAP (Password Authentication Protocol)–the most basic form of authentication. In PAP, a user's name and password are transmitted over the network and compared to a table of name-password pairs. The main disad- vantage of PAP is that both the username and password are transmitted without encryption.

•CHAP (Challenge Handshake Authentication Protocol)–a type of authentication in which the network server sends the client program a key to encrypt the username and password. This enables the username and pass- word to be transmitted in encrypted form to protect them against eavesdroppers.

The def-service-authcommand is used to set the type of authentication for PPP connections in the default step. Five options may be typed on the command line after this command, as shown in Table 7-4.

Usage

def-service-authno-service ppp-auto ppp-none ppp-pap ppp-chap auto-select

	Table 7-4. def-service-auth command parameters
Parameter		Description

no-service		Disables authentication in the default step, even if authentication by caller ID is
		enabled.

ppp-none		Allows PPP access without authentication in the final step if authentication by
		caller ID was enabled.

ppp-pap		Authentication in the default step by the PAP authentication method, even if
		authentication by caller ID was enabled.

ppp-chap		Authentication in the default step by the CHAP authentication method, even if
		authentication by caller ID was enabled.

auto-select auth-retry on / off		Enables PPP authentication by PAP, CHAP or terminal + enables 3 more
		retries through an after dialing window if the user inserted wrong username or
		password (auth-retry on).

Example(s):

Host(config)# def-service-auth ppp-auto

7-12	SG1-UM-8500-03

Image 92

ADC SG-1 user manual Setting the default-service authentication mode, Hostconfig# def-service-auth, Parameter Description

Contents

SG-1 Service Gateway System Revision History Table of Contents Table of ContentsJune 30 SG1-UM-8500-03 June 30, 2006Table of Contents Appendix B Redirection Server Table of Contents June 30 SG1-UM-8500-03 List of Figures SG1-UM-8500-03 Vii List of Figures June 30 Viii SG1-UM-8500-03 List of Tables List of Tables June 30 SG1-UM-8500-03 Introduction OrganizationIntended Audience Chapter Description Conventions EU ComplianceInspecting Your Shipment Element Meaning Features Chapter Method of Procedure Before YOU BeginSite Preparations Overview June 30 Unpacking and Checking the Contents of Your Shipment Number System Installation NotesPacking List Location Requirements Specific SG-1 Chassis Installation RequirementsRequired Tools and Equipment Power Requirements Blank Faceplate RequirementEnvironmental Requirements System Cabling Requirements Network Cabling Chassis Ground and Power CablingConfiguration Port Cabling Overview June 30 SG1-UM-8500-03 Mounting the SG-1 Chassis Connecting the SG-1 Chassis GroundConnecting the Power Source Installing Interface Cables Installation June 30Connecting AC Power to an SG-1 AC Chassis Connecting Network Cards June 30 Installation Straight-Through and Cross-Over Cable Pin-Outs Connecting the Craft Port Interface Powering UP the SG-1Installing Cards and Blank Faceplates Connecting to an Ethernet Port Installing Blank Faceplates Serial Cable Installation June 30 SG1-UM-8500-03 Understanding the Interface Structure SG-1 Sub-Menus and Associated Commands Types of CommandsOverview Commands and Navigation Menu Types of CommandsGeneral Commands Enter the following command Command Path Navigation Navigation Commands Use This Feature COMMAND-LINE EditingJune 30 Command-Line Interface CLI Command-Line Interface CLI June 30 SG1-UM-8500-03 Logging on to the Craft Port Connecting to the Craft PortDefault Username/Password Authority Setting the IP Address Accessing the Command Line Interface June 30Host configure terminal Hostconfig# interface ethernet Write memory Ethernet Mode ParametersInterface Identification Card/Type Slot/Port Value Explanation Host show configuration Displaying the IP Address Configuring the SG-1 \users\defaulttelnetLogging on Logging OFF Using the Command Line Interface June 30 What to do Next FIRST-LEVEL Commands Using the Grep command System-command grep stringUsing the ? command Showing a List of Available Parameters Host show ? June 30 First-Level Commands ExamplesUsing the show ? command Using the show version command Host show versionShow version softwarehardwarepack Show version software SCC Show version hardware Host show version Software Module Num Application 650003 8200935 Host Displaying the configuration in Nvram Show configuration June 30, 2006Chapter 6 First-Level Commands Examples Ip local-pool pool1 162.10.1.1 162.10.1.254 internal Ip domain-name POPmaestro Displaying Ethernet port configurations Host show terminalDisplaying Ethernet Port Statistics Host show ethernet 0 \ First-Level Commands June 30 Examples Displaying Sonet port status Host show port sonetShow port sonet Host show port sonet Show atm pvc Displaying ATM Port StatusHost show atm pvc Displaying User Status Host show userShow crnumber Number First-Level Commands June 30 Displaying System Administrators Displaying Routing TablesHost show ip-route Show ip-route Displaying System Parameters Host show systemShow system Show system load Load June 30 First-Level Commands Show license Displaying License AttributesHost show license DATE=December 22 2005 160357 Version SN1=6046838 First-Level Commands June 30 Ethernetvlan Displaying Vrrp attributesHost show vrrp interface Displaying active GRE and IP-in-IP tunnels Host show ip-tunnel 10.10.1.20 Displaying show mpls-labels commands Host show mpls-labels Host show labels vc VC Type Group ID Label Tunnel Endpoint Upper stack FEC ID0xc2010000 123876 192.0.1.8 0xc2010001 1034 212.1.3.4 Displaying show mpls l2transport vc commands Displaying a list of available write commandsHost show mpls l2transport vc Host write ? June 30 First-Level Commands Examples Host copy-TFTP flash Using the copy-TFTP commandUsing the ping command to test network connectivity Atm Atm slot numberAtm atm port number Atm sub-interface number Using the reload command to restart the system Host reload non-graceful Resetting the system in 10 secondsHost reload non-graceful Reload non-graceful Clearing Users Host clear userClear user line number Line number Using the Traceroute Command Host tracerouteTraceroute ip address -h number -i seconds Seconds Using the exit command Exit Host debug Using Debug ModeSwitching to Debug Mode Using the show command in debug mode Hostdebug# showShow memory system log-modules statistics arp System First-Level Commands June 30 Examples Group Error Event Trace Name Min Max Module Group Error Event Event Trace Name Min Max Show arp command Clear arp command Clear arp arp-specific ifindexNetAddress Parameters Show memory Defining port-ethernet redundancy-mode command Hostdebug# port-ethernet redundancy-modeDefining the Sonet port source clock Hostdebug# port sonet source-clock Radius-server check user-name password auth-type PAP Checking the system Radius interfaceHostdebug# radius-server check User-name First-Level Commands June 30 SG1-UM-8500-03 Second Level Commands Using the configure command Second Level Commands June 30 Examples Hostconfig# banner command Banner CommandEthernet Commands Configure Ethernet Ports Card Type Slot\Port Second Level Commands June 30Ethernet mode Ethernet Operating Mode Hostconfig# no interface EthernetHostconfig# no interface Ethernet 0\1 No interface Ethernet slot number\port number Hostconfig# port-ethernet redundancy-enable Configuring Ethernet RedundancyUsing the port-ethernet redundancy-enable command June 30 Second Level Commands Examples Using the no port-ethernet redundancy-enable commandHostconfig# no port-ethernet redundancy-enable Hostconfig# no port-ethernet redundancy-enable 1\1 1\2 Loopback Commands Configuring interface loopbackHostconfig# interface loopback Interface loopback interface number IP address mask Vlan Commands Hostconfig# no interface loopbackConfiguring the Vlan Hostconfig# interface vlan Vlan name Second Level Commands June 30 UsageVlan id Authentication Commands Hostconfig# no interface vlanUsing the password pre-authentication command Hostconfig# password pre-authentication Setting the default-service authentication mode Hostconfig# def-service-authDef-service-auth command parameters Hostconfig# def-service-auth ppp-auto Changing domain authentication settings Hostconfig# domain-authenticationDomain-authentication separator @# then press Enter No domain-authentication then press Enter ATM Commands Second Level Commands June 30 ExampleHostconfig# no authentication web-auth-method Using the port sonet command Configuring SONET/SDH port redundancy Hostconfig# port sonet redundancy-enable Hostconfig# interface Using the pppoa enable command Hostconfig# pppoa enable interface Hostconfig# interface atm HostConfig# no pppoa enable interfaceUsing the interface atm command Parameter Description Legal values/range Interface atm command parametersHostconfig# no interface atm Configuring a single PVC Hostconfig# atm pvcVpi Vci Configuring a range of PVC’s Hostconfig# atm pvc range Configuring the Radius server in the SG-1 configuration Hostconfig# radius-serverConfiguring the Radius server host Hostconfig# radius-server host Radius-proxy client parameters Parameter Description Values Configuring the Radius proxy for native IPHostconfig# radius-proxy client Using the service cache command Hostconfig# service cacheService cache offon aging-time minutes Using the ip radius source-interface command Access List Commands Hostconfig# no ip radius source-interfaceHostconfig# access list No ip radius source-interface Hostconfig# access-list SNMP-permit 25.3.2.251 Using the access-list native-ip commandHostcongfig# access-list native-ip Access-listnative-ipsource ip address source mask Hostcongfig# no access-list native-ip No access-list native-ip source ip addressUsing the access-list native-ip-pass-through command Hostcongfig# access-list native-ip-pass-through Snmp Commands Hostcongfig# no access-list native-ip-pass-throughNo access-list native-ip-pass-through source ip address Using the SNMP-server community Using the SNMP-server trap-source-int Hostconfig# SNMP-server trap-source-int Tunnel Commands Hostconfig# interface tunnel No interface tunnel interface number Setting the no interface tunnel commandHostconfig# no interface tunnel Using the ip tunnel echo command Hostconfig# ip tunnel echoIp tunnel echo echo source IP address Echo source ip address Timeouts Commands Setting the Session-TimeoutSetting the Idle-Timeout Idle-timeout command Native IP Commands Hostconfig# native-ip dhcp pre-auth-modeHostconfig# native-ip def-service-auth Native-ip def-service-auth service name Using the native-ip enable command Hostconfig# native-ip enable interface Hostconfig# no native-ip enable Vlan 1\1\9 Using the no native-ip enable commandHostconfig# no native-ip enable interface Hostconfig# native-ip realm Hostconfig# no native-ip realmHostconfig# native-ip raoming Native-ip realm realm string Hostconfig# no native-ip roaming No native-ip roaming Using the ip tcp adjust-mss command Hostconfig# ip tcp adjust-mssIp tcp adjust-mss on off Hostconfig# ip tcp adjust-mss on L2TP and PPP Commands Hostconfig# ip primary-name-server Hostconfig# ip secondary-name-serverHostconfig# tunnel-server Ip primary-name-server IP address Setting multi-link mode Hostconfig# multilink-modeHostconfig# ip local-pool Defining an address pool Lcp renegotiate or no lcp renegotiate Using the lcp renegotiate commandHostconfig# lcp renegotiate Using the lcp echo command Hostconfig# lcp echo Using the service internal command Hostconfig# service internal Usage Scenarios SG-1 as xDSL aggregator using ATM network PPPoE support Using the pppoe enable command Hostconfig# pppoe enable interfaceUsing the no pppoe enable command Hostconfig# no pppoe enable interface Dhcp Commands Using the ip dhcp relay server commandHostconfig# ip dhcp relay server Using the no ip dhcp relay server command Hostconfig# no ip dhcp relay information option Hostconfig# ip dhcp relay information optionUsing the no ip dhcp relay information option command Ip dhcp relay advertise-protocol rip ospf Hostconfig# ip dhcp relay agent-id-overwrite interfaceHostconfig# ip dhcp relay advertise-protocol Igmp Commands Using the ip igmp proxy commandHostconfig# ip igmp proxy upstream-interface Using the no ip igmp proxy command Routing Command Hostconfig# ip forwardIp forward Hostconfig# no ip forward Hostconfig# ip route Tunnel interface ip Route network 192.168.4.0 to Loopback interface Hostconfig# no ip route Using the ip default-gateway commandHostconfig# ip default-gateway Hostconfig# no ip default-gateway No ip default-gateway Using the router commandHostconfig# router Using the router id command Hostconfig# no router Hostconfig# ip rip authentication keyIp rip authentication key key name Hostconfig# ip ospf interface ... area Hostconfig# no ip ospf interface Using the ip ospf interface hello-interval commandHostconfig# ip ospf interface ... hello-interval Hostconfig# no ip ospf interface ... hello-interval Using the ip ospf interface dead-interval command Hostconfig# ip ospf interface ... dead-intervalHostconfig# no ip ospf interface ... dead-interval Using the ip ospf interface authentication command Using the ip ospf interface authentication-key command Hostconfig# ip ospf interface ... authentication-keyHostconfig# no ip ospf interface ... authentication-key Simple-pass message-digest null Using the ip ospf interface message-digest-key command Hostconfig# no ip ospf interface ... message-digest-keyUsing the no ip ospf interface message-digest-key command Keyid Hostconfig# ip ospf area Hostconfig# no ip ospf area ... stubHostconfig# ip ospf advertise network No ip ospf area area-idstub Hostconfig# no ip ospf advertise network Using the mpls ip interface commandHostconfig# mpls ip interface Hostconfig# no mpls ip interface Hostconfig# mpls l2transport interface Hostconfig# no mpls ip Ethernet 0\1Using the mpls l2transport interface command Hostconfig# no mpls l2transport interface Hostconfig# no mpls l2transport interface 194.90.1.4Using mpls l2transport route command Hostconfig# mpls l2transport route interface Using the no mpls l2transport route command Hostconfig# no mpls l2transport route interface Hostconfig# mpls ip default-route Mpls ip default-routeHostconfig# no mpls ip default-route No mpls ip default-route 17. vrrp command parameters Ethernet VlanPriority value On off June 30 Second Level Commands Example 1 SCC1 configuration Second Level Commands June 30 Using the no vrrp command Hostconfig# no vrrp interfaceHostconfig# no vrrp interface Ethernet 0\1 Using the vrrp preempt command Debug Commands Hostconfig# vrrp preempt interface Vlan 1\2 7 enableConfigure watchdog Config-debug# watchdog-TimeValue Configure time server Config-debug# time-server-ipConfigure error level commands Config-debug# error-level June 30 Second Level Commands Example Set-all Debug modules Vrrp Mpls Debug groups Trace commands Config-debug# trace Configure Config-debug# sysLog-server-ipConfig-debug# exit Example Config-debug# exit cr Host Example Config-debug# end cr config# SG1-UM-8500-03 Vendor-Specific Attributes Table Table A-1. Vendor-Specific Attribute ListAttribute First Num Attribute Name Group Introduced Description Appendix a SG-1Vendor-Specific Attributes June 30 June 30 Appendix a SG-1Vendor-Specific Attributes Radius Appendix a SG-1Vendor-Specific Attributes June 30 June 30 Appendix a SG-1Vendor-Specific Attributes Hierarchical Attribute Mode Authentication Response Type Accounting BehaviorUser Group Useraccounting sub-attribute Useraccounting=disable Useraccounting=enableScenario Action Radius definition Accounting Behavior General Userorig-name sub-attribute Adc-avpair = userorig-name=original user nameAdc-avpair = userorig-name=test Userauth-type sub-attribute Useraction sub-attribute June 30 Appendix a SG-1Vendor-Specific Attributes GeneralAdc-avpair = userauth-type=pre-auth User service-name sub-attribute Adc-avpair = useraction=RejectUser SSC-host sub-attribute Adc-avpair = userSSC-host=SSC host IP address Userpersonal-site sub-attribute Adc-avpair = userservice-name=service nameAdc-avpair = userservice-name=SRV1 Adc-avpair = userpersonal-site=site URL Adc-avpair = usermac-address=User MAC addressAdc-avpair = usermac-address=00022d386dbe Adc-avpair = usergroup=group number Usermax-allowed-sessions sub-attribute Adc-avpair = usermax-allowed-sessions=1Userclass sub-attribute Adc-avpair = userclass=user class data Adc-avpair = usereds-enc-key=EDS encryption key Adc-avpair = usereds-enc-key=02f804fea90102f8Adc-avpair = usereds-cookie=user eds cookie Adc-avpair = usereds-cookie=rt123456 Adc-avpair = useroriginal-url-prefix=?url= Useroriginal-url-prefix sub-attributeAdc-avpair = useroriginal-url-prefix=prefixed string Dhcp Group Dhcpdhcp-server sub-attributeAdc-avpair = dhcpdhcp-server=DHCP Server IP Adc-avpair = dhcpdhcp-server=194.90.1.5 Adc-avpair = dhcpdiscover-action=normal update Adc-avpair = dhcpdiscover-action=updateDhcpopt82-relay-remote-id sub-attribute Adc-avpair = dhcpopt82-relay-remote-id=01844400660300 Service Group Adc-avpair = serviceservice-timeout=timeout in secondsAdc-avpair = serviceservice-timeout=500 Protocol Group Adc-avpair = servicenext-service-name=service name Adc-avpair = servicenext-service-name=SRV12Adc-avpair = serviceauto-service-name=service name Adc-avpair = serviceauto-service-name=SRV12 Serviceauth-source Adc-avpair = serviceauth-source=service user CLIAdc-avpair = serviceauth-source=CLI Servicedata-quota Adc-avpair = servicedata-quota=5000000 Servicedata-quota-usedAdc-avpair = servicedata-quota-used=5000000 Serviceacl-data-quota Adc-avpair = serviceacl-data-quota=1015000000 Serviceservice-cacheAdc-avpair = serviceservice-cache=off Serviceacl-data-quota-used Adc-avpair = serviceacl-data-quota-used=video5000000 Serviceacl-packet-quota ADC-avpair = serviceacl-packet-quota=mail100300 Serviceacl-packet-quota-used Adc-avpair = serviceroaming=disable Adc-avpair = serviceacl-packet-quota-used=mail100245Serviceroaming Adc-avpair = routenext-hop=192.168.1.23 Route GroupAdc-avpair = routenext-hop=Next-hopIP address Adc-avpair = routenip-pipe-next-hop=Next-hop IP address Adc-avpair = routenip-pipe-next-hop=192.168.1.23Adc-avpair = routeadvertise-protocol=ripv2 ospf Adc-avpair = routeadvertise-protocol=ospf Adc-avpair = routeforward-addr=IP address Adc-avpair = routeforward-addr=192.168.1.4 Adc-avpair = vpdntunnel-id=test Vpdn GroupAdc-avpair = vpdntunnel-id=username Adc-avpair = vpdnl2tp-tunnel-password=password Adc-avpair = vpdnl2tp-tunnel-password=testAdc-avpair = vpdnip-address=x.x.x.x Adc-avpair = vpdnip-address=192.168.4.3 Vpdntunnel-client-ip-address Vpdnnativeip sub-attribute Gcon-avpair = vpdnnativeip=pppVpdnip-tunnel sub attribute Adc-avpair = vpdnip-tunnel=gre192.168.1.34 Gcon-avpair = qosup-mean-rate=128 QOS GroupGcon-avpair = qosup-mean-rate=up mean rate in Kbits Adc-avpair = qoscos=access-list nameCOS value Adc-avpair = qosacl-up-mean-rate=acl1128Qosacl-down-mean-rate sub attribute Adc-avpair = qosacl-down-mean-rate=acl1256 Qosacl-priority sub attribute Adc-avpair = qosacl-priority=acl11 DNS Group Dnsip-primaryAdc-avpair = dnsip-primary=Primary DNS IP Adc-avpair = dnsip-primary=194.90.1.5 Using password command Appendix B Password user type password Using default-redirection-site commandDefault-redirection-site URL name RDSHost configure terminal cr Orup Commands Using Orup Original Requested URL PrefixUsing orup-active command Using no orup-active command Service Name Commands Using service-name commandService-name service name No service-name Tftp Commands Using copy-TFTP commandJune 30 Appendix B Redirection Server Usage Event-level NUM output-device Logging media Copy-TFTP flash def-redirection-page IP address File name Using copy-TFTP flash def-redirection-page commandExample 2 Unsuccessful software download RDSHost sysLog-server-ip 192.168.1.8 cr Using sysLog-server-ip commandParameter sysLog server IP Show Commands Using show version command Using show configuration command Show configurationUsing show system command June 30 Appendix B Redirection Server Example Using interface Ethernet command Appendix B Redirection Server June 30 Example Hostconfig# no interface Ethernet 1 cr No interface Ethernet Interface number Default Gateway Commands Using ip default-gateway commandUsing no ip default-gateway command No ip default-gateway Using Reload Command FormatParameter non-graceful RDSHost RDSHost reload non-graceful Write terminal Write CommandsUsing write terminal command Using Poweroff Command Using write memory commandPoweroff Using access-list SNMP-permit command Using no access-list SNMP-permit command No access-list SNMP-permit IP addressUsing SNMP-server community command Appendix B Redirection Server June 30 Parameters IP address Using Reset Configuration Command Http CommandsReset configuration Using http-proxy-server port command Using no http-proxy-server port command Http-proxy-server port port numberParameter port number No http-proxy-server port port number Using ip primary-name-server command Name ServerIp primary-name-server IP address RDSHost write terminal cr Ip dns server Using ip remote-proxy command RDSHostconfig ip remote-proxy192.168.1.4 8080 crUsing no ip remote-proxy command RDSHost write terminal cr Ip remote-proxy 192.168.1.4 Using Hostname Command RDSHostconfig hostname rdstest cr RDSHost write terminal crHostname rdstest Eds-url-identity eds url name Remote-ip-in-ip IP address Using remote-ip-in-ip commandNo eds-url-identity Using no remote-ip-in-ip command No remote-ip-in-ip IP address Show User Commands Using show users commandUsing show proc command Using show memory command Using Debug Protocol Command Using Rest WEB CommandReset web Show cpu Using Date Command RDSHostADC date 180730 10/02/2002 cr Sales Assistance Systems IntegrationADC Technical Assistance Center 800.366.3891 Appendix C Product Support June 30 SG1-UM-8500-03 Glossary SG1-UM-8500-03 GL-1 Glossary June 30 GL-2 SG1-UM-8500-03 Certification and Warranty World Headquarters For Technical Assistance