A
CCESS
G
ATEWAY
172
System Administration
The tunnel server in this case is configured to authenticate users via another RADIUS server
that handles a single realm. Since it handles a single realm, no realm information is needed for
users and so must be stripped. In this case, it is stripped by the NSE, but it could easily have
been stripped by the tunnel server, or by the tunnel server’s RADIUS server. This is by design
and for maximum flexibility.
Also note that the “Local hostname” field is blank which means that the NSE’s default local
hostname of “usg_lac” will be used by the NSE. This allows for setting the local hostname to
any desired value other than the default. The L2TP peers exchange their local hostnames
during tunnel negotiation.
1.
To add a RADIUS Service Profile, click on the appropriate
Add
button on the
Realm-
Based Routing Settings
screen.
The
Add Realm Routing Policy
screen appears:
2.
To make this entry the “active” entry, click on the
Entry Active
check box.
3.
To define a specific realm, choose the
Specific Realm
option and enter the destination in
the
Realm Name
field. Alternatively, you can choose the
Wildcard match
option, then
define your search options:
Prefix match only
Suffix match only
Match either
4.
Select the required
RADIUS Service Profile
from the pull-down menu.
5.
Click on the
Strip off routing information
check box if you want to remove the routing
information.
6.
Click on the
Add
button to add this Realm Routing Policy.
7.
When you have completed the definition of your Realm Routing Policy, you can return to
the previous screen (Realm-Based Routing Settings) by clicking on the
Back to Main
Realm-Based Routing Settings page
link.
The screen below shows a realm routing policy that handles prefix-based usernames using
a RADIUS service profile. Notice that “Specific Realm” is clicked and the “Realm name”
is “cisp”. Also notice that “Prefix match only” is clicked and that the delimiter is “/”. This
means that this realm routing policy will match usernames that are of the format “cisp/
username”.
Summary of Contents for Access Gateway
Page 1: ......
Page 12: ...ACCESS GATEWAY xii ...
Page 51: ...ACCESS GATEWAY Introduction 39 ...
Page 84: ...ACCESS GATEWAY 72 Installing the Access Gateway ...
Page 90: ...ACCESS GATEWAY 78 Installing the Access Gateway ...
Page 95: ...ACCESS GATEWAY System Administration 83 ...
Page 96: ...ACCESS GATEWAY 84 System Administration ...
Page 146: ...ACCESS GATEWAY 134 System Administration ...
Page 161: ...ACCESS GATEWAY System Administration 149 ...
Page 185: ...ACCESS GATEWAY System Administration 173 ...
Page 205: ...ACCESS GATEWAY System Administration 193 The Network Interfaces screen appears ...
Page 310: ...ACCESS GATEWAY 298 The Subscriber Interface ...
Page 376: ...This page intentionally left blank ACCESS GATEWAY 364 Troubleshooting ...
Page 378: ...This page intentionally left blank ACCESS GATEWAY 366 ...