Manuals / Western Telematic / Computer Equipment / Switch

Western Telematic AFS-16-1 WTI-Super=2, WTI-Circuit-Access=0101, WTI-Group-Access=111000, Example

Models: AFS-16-1

1 135
Download 135 pages 23.28 Kb
Page 62
Image 62

Basic Configuration

5.9.10.1.Dictionary Support for RADIUS

The RADIUS dictionary file can allow you to define a user and assign command access rights and port access rights from a central location. The RADIUS dictionary file, "dictionary.wti" is included on the CDROM along with this user's guide. To install the dictionary file on your RADIUS server, please refer to the documentation provided with your server; some servers will require the dictionary file to reside in a specific directory location, others will require the dictionary file to be appended to an existing RADIUS dictionary file. The WTI RADIUS dictionary file provides the following commands:

WTI-Super- Sets the command access level for the user. This command provides the following arguments:

0 = ViewOnly

1 = User

2 = SuperUser

3 = Administrator

For example, in order to set command access level to "SuperUser", the command line would be:

WTI-Super="2"

WTI-Circuit-Access- Determines which circuit(s) the user will be allowed to access. This command provides an argument that consists of a four character string, with one character for each the AFS-16's Circuit Modules. The following

options are available for each switched circuit: 0 = Off (Deny Access)

1 = On (Allow Access)

For example, to allow access to Circuits 2 and 4, the command line would be:

WTI-Circuit-Access="0101"

WTI-Group-Access- Determines which Circuit Group(s) the user will be allowed to access. The argument for this command includes a character for each, defined Circuit Group, with the first character in the string being used to represent the first Circuit Group defined, and the last character in the string representing the last

Circuit Group defined. The following options are available for each Circuit Group: 0 = Off (Deny Access)

1 = On (Allow Access)

For example, to allow access to the first three defined Circuit Groups out of a total of six defined Circuit Groups, the command line would be:

WTI-Group-Access="111000"

Example:

The following command could be used to set the command access level to "User", allow access to Circuits 1 and 2, and also allow access to the first two of five defined

Circuit Groups:

tom Auth-Type:=Local, User-Password=="tom1" Login-Service=Telnet, Login-TCP-Port=Telnet, User-Name="HARRY-tom",

WTI-Super="1", WTI-Circuit-Access="1100", WTI-Group-Access="11000",

5-41

Page 61 Page 63
Page 62
Image 62
Western Telematic AFS-16-1 manual WTI-Super=2, WTI-Circuit-Access=0101, WTI-Group-Access=111000, Example
Page 61 Page 63