Central Site Remote Access Switch 195
C
ONFIGURING
D
EVICE
L
EVEL
D
ATABASES
On-node Device Entries
O
UTBOUND
A
UTHENTICATION
This parameter allows you to enable or disable PPP outbound authentication procedures. When
PPP outbound authentication is enabled, PPP (CHAP or PAP) authentication is required at both
ends of the connection. When PPP outbound authentication is disabled, the CyberSWITCH does
not authenticate the remote device when dialing out. If enabled, the CyberSWITCH will
authenticate the remote device. Outbound authentication is required if a PPP device is associated
with a frame relay virtual circuit and the virtual circuit name and device name do not match.
U
SER
L
EVEL
A
UTHENTICATION
This parameter allows you to enable or disable user level authentication for this device. When user
level authentication is enabled, the device is required to fulfill the necessary requirements of an off-
node user level authentication server, such as RADIUS, ACE, or TACACS, after being
authenticated at the device level.
IP H
OST
I
DENTIFIER
The IP Host Id is used to authenticate a device over the IP Host (RFC 1294) line protocol. A unique
identifier, 1 to 24 non-blank characters in length, it identifies the device. This identifier is exchanged
and validated when the device connects to the system. This identifier must be identical to the
identifier configured on the device’s IP Host system. This field is only required when the IP routing
operating mode is enabled. The identifier entered here must be identical to the configured identifier
for the device’s remote IP Host device.
B
RIDGE
E
THERNET
A
DDRESS
This address is used for authentication purposes on connections made over the HDLC Bridge line
protocol. It is required if Bridge Ethernet Address Security is enabled.
This is the MAC address of the remote bridge device. This value is passed to the system (in band)
when a connection is established. The system will look up the incoming Bridge Ethernet Address
in the On-node Device Table. If the address is not included in the On-node Device Table, the system
will reject the incoming call. If the address is included in the On-node Device Table, and the
corresponding device entry is not configured with a bridge password, the connection will be
established. If the address is included in the On-node Device Table, and the corresponding device
entry is configured with a bridge password, the system will validate the password before
establishing the connection.
B
RIDGE
P
ASSWORD
This password is used by the HDLC Bridge line protocol. It is an unencrypted password value (a
string of 1 to 12 characters) used as a secondary security check when Bridge Ethernet Address
Security is enabled. Its use is optional; however, if it is specified, it must be correct for the
connection to be allowed. This value is passed to the system (in band) when an incoming call is
received. The system compares the incoming password with the value found in the On-node
Device Table. If the incoming password matches the associated On-node Device Table Bridge
password, the connection is established. Otherwise, the system will reject the incoming call.
This value is stored in the same location as the PAP password, so a change to one password affects
the other.
C
ALLING
L
INE
I
DENTIFIER
(CLID)
Applicable to ISDN connections only, and only when the CLID option is enabled. You can specify
eight CLIDs for each device entry. Each CLID for a given device must be unique. This is the
telephone number of the calling party that is connecting to the system. In some areas this
information is passed to the system on the ISDN incoming connection message. The system will