Netopia CLI 874 manual Radius, Tacacs+

Motorola Netopia® Router CLI Commands 2-69

remote-server unprotected no

service unprotected [ yes no ] show service unprotected

no service unprotected

These commands allow you to specify, show, or disable whether or not a service is "unprotected."

unprotected indicates whether traffic will be sent over a force-all IPSec tunnel or not. All services default to unprotected no, meaning that they will be routed over the IPSec tunnel, unless set to yes.

The no default enhances security since it requires user intervention to prevent the service from being routed over the IPSec tunnel.

If no is used with the commands, the value goes back to the default 0.0.0.0 and no.

Examples:

■RADIUS, TACACS+

The remote-server configuration controls the settings for both TACACS+ and RADIUS servers.

remote-server interface 0.0.0.0 remote-server unprotected no

■SNMP

By default, SNMP services use the primary WAN interface, thus no interface selection is required.

■syslog

system syslog interface 0.0.0.0 system syslog unprotected no

■NTP

ip ntp interface 0.0.0.0 ip ntp unprotected no

■heartbeat

heartbeat uses the primary WAN interface, thus no interface selection is required.

heartbeat unprotected no

If the service fails, a message will be added to the event log. This message has the format;

[service] failed. Could not open socket