Authentication

Setting an Allow-Net

Note: When adding the OCS using the auth add web command an allow-net is automatically configured for you. An OCS server will always be added as an allow-net entry when you use an OCS authentication server. This allows the SMS2000 to redirect subscribers to the server before authentication. Other servers may also be required in your allow-net, such as www.authorize.net (for credit card authentication) and/or the address of any portal page that you want to present for Web authentication.

To allow subscribers to access a specific subnet before they are authenticated, use the following command:

set allow-net{ip_address [netmask] dns-name}

For example, if an Internet service provider placed a page for a hotel called “Central Park Hotel” at the following URL:

http://www.notarealserver.com/CentralParkHotel/index.html

And this embedded remote content directly in the page:

<script language=“JavaScript” src=“http://dynamic.notasyndicate.com/newsphoto/photo.js”>

With the following DNS entries: www.notarealserver.com 192.168.1.1 dynamic.notasyndicate.com 192.168.254.254

The Internet service provider would then configure the SMS2000 as follows:

1.Set an allow-net for the first DNS server. sms2000% set allow-net 192.168.1.1 or

sms2000% set allow-net notarealserver.com

2.Set an allow-net for the second DNS server. sms2000% set allow-net 192.168.254.254 or

sms2000% set allow-net notasyndicate.com

3.Set the redirection URL. sms2000% set authok http://www.notarealserver.com/CentralParkHotel/index.html

Note: You can specify multiple allow-nets by entering the set allow-netcommand for each allow-net.

TUT Systems, Inc

Page 50 of 104

P/N 220-06288-20

Page 50
Image 50
Tut Systems SMS2000 manual Setting an Allow-Net, Set allow-netipaddress netmask dns-name