Set up host access, Set up a radius client, Set up host access -14 – CANOGA PERKINS 1500 Domain Management Module User Manual

EdgeAccess Universal Chassis System

4. To delete a user, type

2

, then follow the prompts to select the user name and confirm the

choice; the User Accounts Configuration screen reappears.

5. To return to the Change Security & Passwords menu, press <Esc>.

Set Up Host Access

The SNMP agent allows access to up to 24 Host IP addresses listed in the Host Access Table. Set
up the Host and network information for access to the DMM on the Host Access Table screen.
When a host attempts to access the DMM, the IP address is authenticated against the entries on
the host table, from the most restrictive entry to the least restrictive entry. If a user attempts
SNMP access from a host or network that is not listed in this table, the DMM rejects that host and
generates an authentication trap. To access the Host Table, follow these steps:

1. At the Domain Management Module menu, type

6

, "Host Access Table," and press <Enter>.

The Host Table screen appears.

2. To add a host, type

1

and press <Enter>, or to edit an existing host, type

3

and press <Enter>,

then follow the prompts on the Edit Host Access screen to enter values or press <Space> to
cycle through options for these parameters:

a. IP Address: for the Host

b. IP Mask Size: 0 to 32 (bits) to match the bits from the left of the IP address; only one

entry is allowed with 0 bits of Mask Size

c. Telnet Access: Telnet Only, Telnet and SSH, SSH Only, or None

d. FTP Access: FTP Only, FTP and SFTP, SFTP Only, or None

e. SNMP Access: Read, Write (includes Read), or None

f. SNMP Protocol: V1/V2c, V1/V2c/V3, or V3; sets the type of access allowed from the

specific host or network

g. V1/V2c Read Community, Write Community, and Access Level: set the matches for

community names and permissions level (Supervisor, Operator, or Observer) for requests
from the V1 or V2c host or network

3. To delete a host, type

2

and press <Enter>, then at the prompt, highlight the IP Address for

that Host and press <Enter>. The host table appears again with your changes.

4. To return to the Domain Management Module menu, press <Esc>.

Set Up a Radius Client

Before you can set up the DMM as a Radius Client, you must set related attributes on the Radius
server to predefined values in order to properly authenticate and configure the user. The DMM
uses four vendor-specific attributes, type 25 in the Radius RFC; the Canoga Perkins vendor
identifier is 919.

• Attribute 1 is Access From; values: 1, UI; 2, SNMP; and 3, UI and SNMP; default is UI.
• Attribute 2 is Access Level; values: 2, Observer; 3, Operator; and 4, Supervisor; default is

Observer.

• Attribute 3 is Description, a string, optional and not predefined; default is "Radius Account."
• Attribute 4 is Logout User; values: 0, No, and 1, Yes; default is Yes.

3-14

Model 1500 Domain Management Module