Manuals / Brands / Computer Equipment / Switch / Tut Systems / Computer Equipment / Switch

Tut Systems SMS2000 Chapter 10 - Service Creation Using Groups and Rules

1 104

Download 104 pages, 637.48 Kb

Service Creation Using Groups and Rules

TUT Systems, Inc Page 62 of 104 P/N 220-06288-20

Chapter 10 - Service Creation Using Groups and Rules

Groups are created on the SMS2000 in order to provide an easier way to manage multiple

subscribers. Subscribers are placed into groups according to a set of rules. Rules may be

configured directly on the SMS2000 through the command line interface or, more

typically, are generated automatically by the OCS and downloaded to the SMS2000.

Rules are a set of Boolean operators that compare a subscriber’s MACaddress, IP

address, VLAN tag, and SNMP-reported origin (for Tut Systems’ Expresso GS/MDU

Chassis media).

When a rule is matched, the subscriber is placed in the appropriate group. Rules also

specify attributes such as IP addressing or traffic shaping parameters, which override the

group defaults.

The SMS2000 can treat subscribers differently, depending on the group into which they

are placed. By default, a single group is used for all subscribers, but additional groups can

be added. Group membership controls the following attributes:

• DHCP pool selection

• Authentication and accounting server selection

• DNS server for queries

• Default traffic shaping parameters

Groups

Many configuration items, including authentication type, IP type, and shaping can be tied

to groups. For example, if a manager had previously configured an SMS2000 to use

RADIUS to authenticate users, but had a particular subscriber who wanted to use a NAT

box which could not conduct RADIUS authentication, the manager might use a rule to

place that particular box in a special group which did not require authentication.

Adding a Group

To add groups with specific characteristics, use this command:

group add groupname [noinherit | inherit groupname]

For example, to add a group named custnat, type:

SMS2000% group add custnat

Note: The new group automatically becomes the new group context. Group

specific commands affect the new group.

Contents

Main Page SMSUsers Guide Contents Page Page Page Page List of Tables List of Figures Preface Audience Documentation available for this Release Related Documentation IntelliPOP 5000 Tutorials Chapter1 - Introduction Subscriber Management Features Page Subscriber Management Components SMS2000 OCS Page Chapter 2 - Getting Started The User Interface Style Conventions Cursor Movement Chapter 3 - Initial Configuration Establishing a Connection with the SMS2000 Establishing a Connection Via a Serial Interface Establishing a Connection Via Telnet Page Initial Configuration Changing Your Password Setting the Quick Configuration Setting the Hostname Disabling Authentication Saving the Configuration Rebooting the System Verifying the Configuration Chapter4 - System Administration Configuration E-Mail Settings Setting the Default Configuration E-mail Mailing the Current Configuration Configuration and System File Tools Committing Configuration Changes Automatically Committing Configuration Changes Disabling Automatic Configuration Changes Saving a Configuration Loading a Configuration File Restoring a Previous Configuration Restoring the Default Configuration Configuring SMTP Setting the SMTP Server Deleting the SMTP Server Setting the SMTP ID Configuring NTP Setting the Timezone Configuring the NTP server Setting the Time Configuring SNMP Polling Enabling SNMP Polling Testing to See if SNMP Polling will Work Disabling SNMP Polling Connectivity and Testing Traceroute Testing Connectivity System Tools Setting Specialized System Options Defining Ports Setting and Deleting Static Ports Disconnecting a Session on a Port Event Tracking Setting the Syslog Server Displaying Log Messages System Administration Tools Displaying Version Information Exiting the Management Session Rebooting the System Changing a Password Displaying Control Keys SNMP Management SNMP Agent SNMP System Contact snmp system-contact system-contact-string SNMP System Location SNMP Community SNMP Trap Recipient Troubleshooting Tools System Information Tools Setting the System Information Dump Setting a Software Watchdog Subscriber Connectivity Commands Setting the ARP Failure Limit Setting the ARP Polling Period Upgrades Page Verifying a Successful Upgrade Returning to an Older Firmware Version Loading Another Image Page Chapter 5 - Authentication Configuring the Command Server Setting the Command Server for OCS Interaction Deleting the Command Server Authentication Adding the OCS as the Authentication Server Deleting an Authentication Server Testing Authentication Disabling Authentication Setting the Authentication Interval Bypassing Authentication HTTP Request Throttle Setting the HTTP Request Throttle Deleting the HTTP Request Throttle Allow-Nets Setting an Allow-Net Deleting an Allow-Net Automatic Redirection URLs Setting the Automatic Redirection URL Deleting the authok Page Authentication with RADIUS Adding a RADIUS Server Page Set NAS port type parameter show status radius Testing Authentication on the RADIUS Server Configuring a RADIUS SSL Back Channel Chapter 6 - Authorization Authorization Chapter 7 - Accounting Accounting Sending Accounting Messages to a Syslog Server Radius Accounting Configuration Sending Accounting Messages to a RADIUS Server Deleting a RADIUS Accounting Server Configuring Accounting Parameters Chapter 8 - Provisioning Chapter 9 - Billing Billing Chapter 10 - Service Creation Using Groups and Rules Groups Adding a Group Deleting a Group Setting the Active Group Context Subscribers that Cannot Support Authentication Setting Maximum Users Per Port SMS2000 Rules Adding a Rule Deleting a Rule Rule Expression Components IP Address MAC Address VLAN SNMP-INFO The NOT Operator The AND Operator The OR Operator Parenthesis Using Rule Priorities Chapter 11 - IP Addressing IP Addressing Plug and Play With NAT Static Routable Addresses DHCP Pools Static Non-Routable Addresses IP Multicasting Configuring a Control Network for Additional Client IP Addresses Understanding 1to1 and 1to1 Unique IP Types Configuring IP Types Source-Nets Setting a Source-Net Deleting a Configured Source-Net DHCP Creating DHCP Pools Removing a DHCP Assignment DNS Setting the DNS Server Address Static Routes Adding Routes Chapter 12 - Printing Setting up the LPR Host Chapter 13 - Using SMS2000 with a RADIUS Server Configuring RADIUS Obtaining the RADIUS Server Software Adding the SMS2000 as a Client on the RADIUS Server Adding Users to the RADIUS Server Configuring Service Parameters Using Real IP Addresses RADIUS Ports SMS2000 NAS File SMS2000 Status Attributes and Statistics RADIUS Attributes Sent in Accounting Messages RADIUS Attributes Sent In Access- Request Packets RADIUS Attributes Received in Access- Accept Packets Using Both RADIUS and OCS Authentication Setting Traffic Shaping Deleting Traffic Shaping Chapter 14 - SMS2000 and Property Management Systems (PMS) Setting the PMS Server Protocol Modes TTY MODE ACK-NAK MODE ENQ-ACK-NAK MODE Chapter 15 - Customizing SMS2000 Web Authentication with RADIUS Loading and Deleting Customized Web Pages Files For Groups Loading Web Pages or Files Path Components Image Links Upgrading Deleting Web Pages or Files Customizing Web Pages Preserving the Web Form Size For Web Pages and External Links Web Page Redirection Active Page Components Viewing Customizations Chapter 16 - Configuring Web Proxy Settings Web Proxy Settings Setting the WPAD CURL Setting the WPAD Timeout Web Proxy Server Enable Proxy Server Support Disable Proxy Server Support Viewing Proxy Server Support Status Adding TCP Proxy Ports Deleting TCP Proxy Ports Viewing TCP Proxy Ports Chapter 17 - SMS2000 Troubleshooting SMS2000 Troubleshooting Procedures Table 17-3 provides valuable information for troubleshooting the SMS2000. Table 17-3 SMS2000 Troubleshooting Procedures Subscriber Connection: SNMP Polling xxx-xxx Multiple frames opened in browser Unable to do credit card billing Verify OCS screens off- line Appendix A - RADIUS Access-Accept Dictionary File RADIUS Attributes in Access-Accept Packets Page Page Page Appendix B - Technical Assistance and Customer Support Appendix C - SMS2000 Limited Warranty Hardware Limited Warranty Limitations of Warranty Exclusive Remedies Assistance FCC Radio Frequency Interference Statement Electrical Safety Advisory Tut Systems, Inc., Customer Service Department