Deleting an Authentication Server, Auth on | Tut Systems SMS2000

Authentication

The auth add web command automatically adds an allow-net to the specified server so that subscribers can be redirected to the allow-net without being intercepted. For more information on allow-nets, see “Allow-Nets” on page 49.

To add a Web server as the authentication server for the current group, use this command:

auth add web url secret secret [cmd-serv]

For this example, the SMS2000 will be configured to authenticate using the OCS server at 192.168.254.249. The shared secret donttell will be used for mutual authentication between the SMS2000 and the OCS. The OCS is treated as a command server by periodically sending it requests for commands. Type:

sms2000% auth add web http://192.168.254.249/pp/welcome.php3 secret donttell cmd-serv

Note: This feature can be used to create an allow-net of sites that are accessable without authentication.

Note: A shared secret is similar to a password.

Deleting an Authentication Server

Use the auth delete command to automatically remove an allow-net for the IP address of the Web server with a 32-bit subnet mask. If the same server is used as theWeb server and the cmd-server, auth delete deletes the cmd-server also.

To delete an authentication server from the current group, use this command:

auth delete {radius serverweb url}

For example, to stop authentication using the Web server with the IP address 192.168.254.249, type:

sms2000% auth delete web 192.168.254.249

Note: If no other servers are configured, authentication for the current group is disabled.

Testing Authentication

To test authentication for the current group without using any specific server, use this command:

auth on

For example, to enable authentication for the current group, type:

sms2000% auth on

TUT Systems, Inc

Page 47 of 104

P/N 220-06288-20

Image 47

Tut Systems SMS2000 Deleting an Authentication Server, Testing Authentication, Auth add web url secret secret cmd-serv

Contents

TUT Systems SMS2000 User Guide SMS2000 User’s Guide SMSUser’s Guide Contents Connectivity and Testing Configuring SmtpConfiguring NTP Configuring Snmp Polling Authorization Authentication Configuring the Command ServerAuthentication Authentication with Radius SMS2000 Rules Using Rule PrioritiesConfiguring Radius Groups SMS2000 Status Attributes and Statistics Using Both Radius and OCS AuthenticationWeb Proxy Settings SMS2000 Troubleshooting Procedures List of Figures Radius Attributes in Access-Accept PacketsList of Tables Related Documentation PrefaceAudience Documentation available for this Release Introduction Subscriber Management Features Introduction Subscriber Management Components Subscriber Management Components OCS SMS2000 Introduction User Interface Getting Started Style Conventions Accessing Help for CommandsFor example restore config web original-confi g Ifconfig portnumber ipaddress /masklen Cursor Motion Keystrokes Cursor Movement Establishing a Connection Via a Serial Interface Initial ConfigurationClick Configure Establishing a Connection with the SMS2000 Establishing a Connection Via Telnet Initial Configuration Setting the Quick Configuration Initial ConfigurationChanging Your Password Saving the Configuration Setting the HostnameDisabling Authentication Reboot Rebooting the SystemVerifying the Configuration Set config-mailrecipient@SMTPserver SMTPserver System AdministrationConfiguration E-Mail Settings Setting the Default Configuration E-mail Committing Configuration Changes Configuration and System File ToolsMailing the Current Configuration Deleting the Configuration E-mail Commit noauto Automatically Committing Configuration ChangesDisabling Automatic Configuration Changes Commit auto Restoring a Previous Configuration Saving a ConfigurationLoading a Configuration File Deleting the Smtp Server Configuring SmtpRestoring the Default Configuration Setting the Smtp Server Set smtpid on off Configuring NTPSetting the Smtp ID Setting the Timezone Enabling Snmp Polling Configuring Snmp PollingConfiguring the NTP server Setting the Time Snmp-pollmacaddress Testing to See if Snmp Polling will WorkDisabling Snmp Polling System Tools Connectivity and TestingTesting Connectivity Setting Specialized System Options Port-definition mixed tut vlan Setting and Deleting Static PortsDefining Ports Leftrighthelp ? Displaying Log Messages Disconnecting a Session on a PortSetting the Syslog Server Event Tracking Exiting the Management Session System Administration ToolsDisplaying Version Information Keys Changing a PasswordDisplaying Control Keys Passwd Snmp System Location Snmp ManagementSnmp Agent Snmp System Contact Snmp Trap Recipient Snmp Community Show snmp trap-recipient Troubleshooting ToolsSystem Information Tools SMS2000% snmp delete trap-recipient Setting the ARP Polling Period Subscriber Connectivity CommandsUpgrades Setting the ARP Failure Limit Archiving SMS2000 Firmware and distributing it from a Server Upgrading from Tut Systems’ Website Loading Another Image Verifying a Successful UpgradeReturning to an Older Firmware Version System Administration Authentication Authentication Adding the OCS as the Authentication Server Configuring the Command ServerSetting the Command Server for OCS Interaction Deleting the Command Server Auth on Deleting an Authentication ServerTesting Authentication Auth add web url secret secret cmd-serv Auth interval minutes off Setting the Authentication IntervalBypassing Authentication Auth off forcedweb authokurl blockall Deleting the Http Request Throttle Setting the Http Request ThrottleHttp Request Throttle Allow-Nets Set allow-netipaddress netmask dns-name Setting an Allow-Net Set authok url Setting the Automatic Redirection URLAutomatic Redirection URLs Deleting an Allow-Net Delete authok Authentication with RadiusDeleting the authok Adding a Radius Server Syntax Description Command Usage Guidelines Example DefaultDefault retrans-primary-only is Set nas-port-type Set NAS port type parameterSet nas-port-type integer Show status radius Example Testing Authentication on the Radius ServerConfiguring a Radius SSL Back Channel Show status radius Server Functionality AuthorizationAuthorization Authorization Sending Accounting Messages to a Syslog Server AccountingAccounting Deleting a Radius Accounting Server Radius Accounting ConfigurationConfiguring Accounting Parameters Sending Accounting Messages to a Radius Server Provisioning Provisioning Billing Billing Group add groupname noinherit inherit groupname Service Creation Using Groups and RulesGroups Adding a Group Deleting a Group Setting the Active Group ContextSubscribers that Cannot Support Authentication Setting Maximum Users Per Port Set rule rulename groupname priority rulestring SMS2000 RulesAdding a Rule Deleting a Rule Ip=ipaddress ,netmask Rule Expression ComponentsIP Address MAC Address Tut=ipaddress-linenum*-portnum Not OperatorVlan=vlanida-vlanidb Expression and expression OperatorOr Operator Parenthesis Using Rule Priorities Plug and Play With NAT IP AddressingIP Addressing Dhcp Pools Static Routable Addresses IP Multicasting Static Non-Routable Addresses Understanding 1to1 and 1to1 Unique IP Types Configuring IP TypesIptype default NAT static Dhcp 1to1 1to1Unique Set source-netstartaddress endaddress subnet-mask Setting a Source-NetDeleting a Configured Source-Net Source-Nets Dhcp-server release macaddress Setting the DNS Server AddressCreating Dhcp Pools Removing a Dhcp Assignment Set dns add ipaddress Static RoutesDeleting the DNS Server Address Adding Routes Set lpr hostname off queuename maxpages maxbytes Setting up the LPR HostPrinting Obtaining the Radius Server Software Using SMS2000 with a Radius ServerConfiguring Radius Adding Users to the Radius Server Configuring Service ParametersAdding the SMS2000 as a Client on the Radius Server Radius Ports Using Real IP Addresses Radius Attributes Sent in Accounting Messages SMS2000 Status Attributes and StatisticsSMS2000 NAS File Radius Attributes Received in Access- Accept Packets Using Both Radius and OCS AuthenticationRadius Attributes Sent In Access Request Packets Shape xbps/rbps delete Setting Traffic ShapingDeleting Traffic Shaping Shape xbps/rbps SMS2000 and Property Management Systems PMS Setting the PMS Server TTY ACK-NAK ENQ-ACK-NAK Protocol Modes ENQ-ACK-NAK Mode Loading Web Pages or Files Customizing SMS2000 Web Authentication with RadiusLoading and Deleting Customized Web Pages Files For Groups Image Links Load web url defaultsPath Components Preserving the Web Form Customizing Web PagesUpgrading Deleting Web Pages or Files Web Page Redirection Size For Web Pages and External Links Reference Active Page ComponentsViewing Customizations Setting the Wpad Timeout Configuring Web Proxy SettingsWeb Proxy Settings Setting the Wpad Curl Web Proxy Server Show proxy-ports Set proxy-ports portDelete proxy-ports port SMS2000 Troubleshooting Procedures SMS2000 Troubleshooting Unable to do credit card Snmp PollingMultiple frames opened Browser Line Verify OCS screens off Radius Attributes in Access-Accept Packets Appendix a Radius Access-Accept Dictionary File Appendix Appendix TUT Systems, Inc 100 Equipment Return and Repair Appendix B Technical Assistance and Customer SupportTechnical Support Internet Telephone Exclusive Remedies Appendix C SMS2000 Limited WarrantyHardware Limited Warranty Limitations of Warranty FCC Radio Frequency Interference Statement Electrical Safety AdvisoryTut Systems, Inc., Customer Service Department Assistance TUT Systems, Inc 104