Motorola Netopia® Router CLI Commands 2-69

remote-server unprotected no

service unprotected [ yes no ] show service unprotected

no service unprotected

These commands allow you to specify, show, or disable whether or not a service is "unprotected."

unprotected indicates whether traffic will be sent over a force-all IPSec tunnel or not. All services default to unprotected no, meaning that they will be routed over the IPSec tunnel, unless set to yes.

The no default enhances security since it requires user intervention to prevent the service from being routed over the IPSec tunnel.

If no is used with the commands, the value goes back to the default 0.0.0.0 and no.

Examples:

RADIUS, TACACS+

The remote-server configuration controls the settings for both TACACS+ and RADIUS servers.

remote-server interface 0.0.0.0 remote-server unprotected no

SNMP

By default, SNMP services use the primary WAN interface, thus no interface selection is required.

syslog

system syslog interface 0.0.0.0 system syslog unprotected no

NTP

ip ntp interface 0.0.0.0 ip ntp unprotected no

heartbeat

heartbeat uses the primary WAN interface, thus no interface selection is required.

heartbeat unprotected no

If the service fails, a message will be added to the event log. This message has the format;

[service] failed. Could not open socket

Page 80 Page 82
Page 81
Image 81
Netopia CLI 874 manual Radius, Tacacs+
Page 80 Page 82
Top Page Image Contents