Show status radius, Auth test | Tut Systems SMS2000 instruction

Authentication

show status radius

Shows the status of and configuration of RADIUS servers in the running system, including whether they are DEAD or ALIVE. If the RADIUS server is DEAD, the command will also indicate the number of minutes until it is alive again.

show status radius

Example

This example displays the status of RADIUS servers on the system:

sms2000% show status radius

Testing Authentication on the RADIUS Server

To test a RADIUS authentication server by querying the currently configured server, use this command:

auth test

For example, to test the currently active RADIUS authentication server by attempting to authenticate the user bob with the password bob, type:

sms2000% auth test

User Name: bob

Password:

Note: A RADIUS authentication server must already be active for this command to work.

Configuring a RADIUS SSL Back Channel

To configure a RADIUS SSL back channel so that passwords from subscribers are encrypted when transferred to SMS, obtain the tutsystems-ssl-auth.tar.gzfile and install it and configure it on an SSL capable web server following the instructions in the documentation directory of the archive file.

Configure and verify RADIUS authentication on SMS as normal. Then enter the following command:

auth radius-back-channel-url https://MyServerName/sslonly/authform.php

Verify that you can enter your username and password in the authentication form over HTTPS and that authentication works as before.

Note: It is necessary to obtain a certificate from a registered Certificate Authority recognized by your web browser (e.g. Verisign) to eliminate warnings that subscribers may see when connecting to your secure site.

TUT Systems, Inc

Page 56 of 104

P/N 220-06288-20

Image 56

Tut Systems SMS2000 Show status radius, Testing Authentication on the Radius Server, Configuring a Radius SSL Back Channel

Contents

TUT Systems SMS2000 User Guide SMS2000 User’s Guide SMSUser’s Guide Contents Configuring Smtp Configuring NTPConfiguring Snmp Polling Connectivity and Testing Authentication Configuring the Command Server AuthenticationAuthentication with Radius Authorization Using Rule Priorities Configuring RadiusGroups SMS2000 Rules Using Both Radius and OCS Authentication Web Proxy SettingsSMS2000 Troubleshooting Procedures SMS2000 Status Attributes and Statistics List of Figures Radius Attributes in Access-Accept PacketsList of Tables Preface AudienceDocumentation available for this Release Related Documentation Subscriber Management Features Introduction Introduction Subscriber Management Components Subscriber Management Components SMS2000 OCS Introduction Getting Started User Interface Accessing Help for Commands For example restore config web original-confi gIfconfig portnumber ipaddress /masklen Style Conventions Cursor Movement Cursor Motion Keystrokes Initial Configuration Click ConfigureEstablishing a Connection with the SMS2000 Establishing a Connection Via a Serial Interface Establishing a Connection Via Telnet Initial Configuration Setting the Quick Configuration Initial ConfigurationChanging Your Password Saving the Configuration Setting the HostnameDisabling Authentication Reboot Rebooting the SystemVerifying the Configuration System Administration Configuration E-Mail SettingsSetting the Default Configuration E-mail Set config-mailrecipient@SMTPserver SMTPserver Configuration and System File Tools Mailing the Current ConfigurationDeleting the Configuration E-mail Committing Configuration Changes Automatically Committing Configuration Changes Disabling Automatic Configuration ChangesCommit auto Commit noauto Restoring a Previous Configuration Saving a ConfigurationLoading a Configuration File Configuring Smtp Restoring the Default ConfigurationSetting the Smtp Server Deleting the Smtp Server Configuring NTP Setting the Smtp IDSetting the Timezone Set smtpid on off Configuring Snmp Polling Configuring the NTP serverSetting the Time Enabling Snmp Polling Snmp-pollmacaddress Testing to See if Snmp Polling will WorkDisabling Snmp Polling Connectivity and Testing Testing ConnectivitySetting Specialized System Options System Tools Setting and Deleting Static Ports Defining PortsLeftrighthelp ? Port-definition mixed tut vlan Disconnecting a Session on a Port Setting the Syslog ServerEvent Tracking Displaying Log Messages Exiting the Management Session System Administration ToolsDisplaying Version Information Changing a Password Displaying Control KeysPasswd Keys Snmp Management Snmp AgentSnmp System Contact Snmp System Location Snmp Community Snmp Trap Recipient Troubleshooting Tools System Information ToolsSMS2000% snmp delete trap-recipient Show snmp trap-recipient Subscriber Connectivity Commands UpgradesSetting the ARP Failure Limit Setting the ARP Polling Period Upgrading from Tut Systems’ Website Archiving SMS2000 Firmware and distributing it from a Server Loading Another Image Verifying a Successful UpgradeReturning to an Older Firmware Version System Administration Authentication Authentication Configuring the Command Server Setting the Command Server for OCS InteractionDeleting the Command Server Adding the OCS as the Authentication Server Deleting an Authentication Server Testing AuthenticationAuth add web url secret secret cmd-serv Auth on Setting the Authentication Interval Bypassing AuthenticationAuth off forcedweb authokurl blockall Auth interval minutes off Setting the Http Request Throttle Http Request ThrottleAllow-Nets Deleting the Http Request Throttle Setting an Allow-Net Set allow-netipaddress netmask dns-name Setting the Automatic Redirection URL Automatic Redirection URLsDeleting an Allow-Net Set authok url Authentication with Radius Deleting the authokAdding a Radius Server Delete authok Command Syntax Description Usage Guidelines Example DefaultDefault retrans-primary-only is Set nas-port-type Set NAS port type parameterSet nas-port-type integer Testing Authentication on the Radius Server Configuring a Radius SSL Back ChannelShow status radius Show status radius Example Authorization AuthorizationAuthorization Server Functionality Sending Accounting Messages to a Syslog Server AccountingAccounting Radius Accounting Configuration Configuring Accounting ParametersSending Accounting Messages to a Radius Server Deleting a Radius Accounting Server Provisioning Provisioning Billing Billing Service Creation Using Groups and Rules GroupsAdding a Group Group add groupname noinherit inherit groupname Setting the Active Group Context Subscribers that Cannot Support AuthenticationSetting Maximum Users Per Port Deleting a Group SMS2000 Rules Adding a RuleDeleting a Rule Set rule rulename groupname priority rulestring Rule Expression Components IP AddressMAC Address Ip=ipaddress ,netmask Tut=ipaddress-linenum*-portnum Not OperatorVlan=vlanida-vlanidb Operator Or OperatorParenthesis Expression and expression Using Rule Priorities Plug and Play With NAT IP AddressingIP Addressing Static Routable Addresses Dhcp Pools Static Non-Routable Addresses IP Multicasting Understanding 1to1 and 1to1 Unique IP Types Configuring IP TypesIptype default NAT static Dhcp 1to1 1to1Unique Setting a Source-Net Deleting a Configured Source-NetSource-Nets Set source-netstartaddress endaddress subnet-mask Setting the DNS Server Address Creating Dhcp PoolsRemoving a Dhcp Assignment Dhcp-server release macaddress Static Routes Deleting the DNS Server AddressAdding Routes Set dns add ipaddress Set lpr hostname off queuename maxpages maxbytes Setting up the LPR HostPrinting Obtaining the Radius Server Software Using SMS2000 with a Radius ServerConfiguring Radius Adding Users to the Radius Server Configuring Service ParametersAdding the SMS2000 as a Client on the Radius Server Using Real IP Addresses Radius Ports Radius Attributes Sent in Accounting Messages SMS2000 Status Attributes and StatisticsSMS2000 NAS File Radius Attributes Received in Access- Accept Packets Using Both Radius and OCS AuthenticationRadius Attributes Sent In Access Request Packets Setting Traffic Shaping Deleting Traffic ShapingShape xbps/rbps Shape xbps/rbps delete Setting the PMS Server SMS2000 and Property Management Systems PMS Protocol Modes TTY ACK-NAK ENQ-ACK-NAK ENQ-ACK-NAK Mode Customizing SMS2000 Web Authentication with Radius Loading and Deleting Customized Web PagesFiles For Groups Loading Web Pages or Files Image Links Load web url defaultsPath Components Customizing Web Pages UpgradingDeleting Web Pages or Files Preserving the Web Form Size For Web Pages and External Links Web Page Redirection Reference Active Page ComponentsViewing Customizations Configuring Web Proxy Settings Web Proxy SettingsSetting the Wpad Curl Setting the Wpad Timeout Web Proxy Server Show proxy-ports Set proxy-ports portDelete proxy-ports port SMS2000 Troubleshooting SMS2000 Troubleshooting Procedures Snmp Polling Multiple frames openedBrowser Unable to do credit card Verify OCS screens off Line Appendix a Radius Access-Accept Dictionary File Radius Attributes in Access-Accept Packets Appendix Appendix TUT Systems, Inc 100 Appendix B Technical Assistance and Customer Support Technical SupportInternet Telephone Equipment Return and Repair Appendix C SMS2000 Limited Warranty Hardware Limited WarrantyLimitations of Warranty Exclusive Remedies Electrical Safety Advisory Tut Systems, Inc., Customer Service DepartmentAssistance FCC Radio Frequency Interference Statement TUT Systems, Inc 104