Authorization

Chapter 6 - Authorization

Authorization entails determining if a particular user has permission to use a service.

Authorization

The SMS2000 is capable of performing authorization by using an external server (OCS or RADIUS) or by using onboard groups and rules. For details about using the OCS for Authorization, see the OCS User’s Guide. For more information on RADIUS, see Chapter 13, “Using SMS2000 with a RADIUS Server.” Scenarios for performing these functions in various configurations are described below.

Authorization

Table 6-1 shows how authorization is performed with no external server, with RADIUS, and with the OCS.

Table 6-1 Authorization

Server

Functionality

With No External

No user authentication is possible. Groups and rules can be used to

Server

authorize subscribers based on their MAC address, VLAN ID, SNMP

 

information, IP address, or any combination of these. For more information

 

on using groups and rules, see Chapter 10, “Service Creation using Groups

 

and Rules.”

With RADIUS

Authorization follows authentication as it does on a standard network

 

access server (NAS). Parameters include static IP and bandwidth.

With OCS

The OCS provides enhanced authorization functions based on user name,

 

physical port, MAC address, and more. Parameters include Stat IP, auth

 

required, and bandwidth.

TUT Systems, Inc

Page 57 of 104

P/N 220-06288-20

Page 57
Image 57
Tut Systems SMS2000 manual Authorization, Server Functionality