6-2
Configuring the Rights Manager
6.1
Rights Manager Terminology
The Rights Manager uses common terms in a very specific manner. Before starting
to administer rights, make sure you understand these terms:
A
Location
is a group of
wheres
. A
Where
is a WLAN Access Manager or a WLAN
Access Manager port or a specific client. Some set of rights are associated with the
location. See
Section 6.4.5, Changing WLAN Access Manager Rights
for more
information. Locations have wheres and whens associated with them.
Everywhere else
is the location that a client belongs to if it does not associate with
any other location. Until you create another location, this is the location to which
all
clients are associated.
A
When
is set of valid times that apply to a location or a group. See
Section 6.5,
Changing Group Properties
.
Groups
define rights for users who are members of the group. A user can be a
member of a group and is given rights as part of the group. An
Allowed Group
is
a group allowed at a specified location. Groups can be one of the following types:
•
Guest
: the rights given to someone who clicks the Guest button on the logon
page.
•
Implicit users:
the base group in which rights are allocated to all authenticated
users at the specified location.
•
Normal:
the only group that users can belong to. A user cannot belong to a
Logon, Guest or Implicit User group.
•
Logon:
the rights given to a client who has not yet logged on.
See
Section 6.6, Adding, Modifying, or Deleting a User
for more information about
users.
A
Realm
is an ordered list of authentication services. See the Rights Tutorial for
more information. There are both Rights Manager realms and Kerberos realms.
Kerberos realms refer to the domain specified by Kerberos.
Allows
specify packets that are permitted to be forwarded by a WLAN Secure
Server or a WLAN Access Manager. Allows can include:
•
Destination protocol
•
Destination port
•
Destination IP address
Redirects
specify packets that are allowed to be forwarded, but require that these
packets be redirected to a new destination, also specified by the redirect. An
example is requesting a DNS server; packets could be redirected to the enterprise
DNS server rather than the one that was originally specified. Redirects can include:
•
Original protocol
•
Original port
•
Original address
Содержание ELITECONNECT SMC2504W
Страница 2: ......
Страница 4: ......
Страница 14: ...xiv...
Страница 18: ...x Preface...
Страница 44: ...2 18 Configuring the WLAN Security System...
Страница 64: ...4 12 Controlling the System Functions...
Страница 74: ...5 10 Viewing System Status...
Страница 136: ...6 62 Configuring the Rights Manager Figure 6 72 Filter Redirect Editor Step 6 Click Update...
Страница 140: ...6 66 Configuring the Rights Manager Figure 6 77 Rights for Guest Step 7 When you have finished click Done...
Страница 150: ...6 76 Configuring the Rights Manager...
Страница 168: ...B 14 Command Line Interface...
Страница 182: ...C 14 Rights Tutorial Figure C 8 Rights for Guest Table C 4 explains the Rights Debugger...
Страница 189: ...EliteConnect WLAN Security System User Manual C 21 Figure C 12 Rights Debugger for Fred...
Страница 240: ...X 4 Index...
Страница 242: ...ii...