3Com Wireless LAN WX1200 User Manual

250

C

HAPTER

8: AAA C

OMMANDS

end-date

Date and time after
which the user is no
longer allowed to be on
the network.

Date and time, in the following
format:

YY/MM/DD-HH:MM

You can use end-date alone or with
start-date. You also can use
start-date, end-date, or both in
conjunction with time-of-day.

filter-id

Inbound or outbound
ACL to apply to the
user.

If configured in the WX switch’s local
database, this attribute can be an
access control list (ACL) to filter
outbound or inbound traffic. Use the
following format:

filter-id inboundacl.in

or

filter-id outboundacl.out

If you are configuring the attribute on
a RADIUS server, the value field of
filter-id can specify up to two ACLs.
Any of the following are valid:

filter-id = "Profile=acl1"

filter-id = "OutboundACL=acl2"

filter-id = "Profile=acl1
OutboundACL=acl2"

(Each example goes on a single line on
the server.) The format in which to
specify the values depends on the
RADIUS server.

Regardless of whether the attributes
are defined locally or on a RADIUS
server, the ACLs must already be
configured on the WX switch.

idle-timeout

This option is not implemented in the current MSS version.

mobility-profile

(network access
mode only)

Mobility Profile attribute
for the user. (For more
information, see set
mobility-profile on
page 255.)

Name of an existing Mobility Profile,
which can be up to 32 alphanumeric
characters, with no tabs or spaces.

If the Mobility Profile feature is
enabled, and a user is assigned the
name of a Mobility Profile that does
not exist on the WX switch, the user is
denied access.

Table 44 Authentication Attributes for Local Users (continued)