Enterasys Networks CSX5500 User Guide
USER’S GUIDE
384 CyberSWITCH
A
UTHENTICATION
T
IMEOUT
T
IMER
This timer represents the amount of time the CyberSWITCH will wait for the Authentication Agent
to handle a login attempt before timing out. If CSM is enabled as Call Control Manager, this time-
out value must then represent the amount of time for both:
•
to handle a login attempt before timing out. If CSM is enabled as Call Control Manager, this time-
out value must then represent the amount of time for both:
•
the Authenticating Agent to respond to the login attempt, and
•
CSM to respond to the login attempt.
C
ALL
C
ONTROL
F
AILURE
B
ANNER
If CSM does not permit call connectivity for any reason, the CyberSWITCH will display the
message “CSM Denied Access”. You may change this default message to whatever you choose
through this configuration element.
message “CSM Denied Access”. You may change this default message to whatever you choose
through this configuration element.
B
ACKGROUND
I
NFORMATION
Cabletron’s CSM consists of an administration program and a user interface, and runs with a
database and a standard SQL server. It acts as both an authentication server and call control
manager for the CyberSWITCH. This product is described in detail in the CSM User’s Guide which
accompanies the product.
database and a standard SQL server. It acts as both an authentication server and call control
manager for the CyberSWITCH. This product is described in detail in the CSM User’s Guide which
accompanies the product.
If you are interested in call control management without CSM authentication, the CSM as Call
Control Manager is now an available feature. This feature provides call control management with
any authentication agent (e.g., RADIUS, ACE, TACACS).
Control Manager is now an available feature. This feature provides call control management with
any authentication agent (e.g., RADIUS, ACE, TACACS).
To use CSM for call control management only, you must enable the feature. The call will be
authenticated through the chosen method, and then call control management will pass to CSM.
Acceptable authentication methods are:
•
authenticated through the chosen method, and then call control management will pass to CSM.
Acceptable authentication methods are:
•
RADIUS at device level
•
CSM at device level
•
RADIUS at user level
•
ACE at user level
•
TACACS at user level
•
On-node Device Table at device level
In all cases, the device information is propagated into the CyberSWITCH from the authentication
agent. (This implies that IP static routes and IP pooling are configured on the CyberSWITCH, and
not CSM.) When CSM is not the authenticating agent, CSM cannot initiate outgoing calls. To make
outgoing calls from the CyberSWITCH, you must use other means of initiation, based on type of
security (e.g., IP route lookup using RADIUS).
agent. (This implies that IP static routes and IP pooling are configured on the CyberSWITCH, and
not CSM.) When CSM is not the authenticating agent, CSM cannot initiate outgoing calls. To make
outgoing calls from the CyberSWITCH, you must use other means of initiation, based on type of
security (e.g., IP route lookup using RADIUS).
C
ALL
C
ONTROL
M
ANAGEMENT
CSM call control management varies depending upon the type of security in use:
•
Device Level Security
If you use the On-node Device Table as authentication agent, CSM merely logs call start and
end times. (You do not need to configure devices in the CSM database).
If you use the On-node Device Table as authentication agent, CSM merely logs call start and
end times. (You do not need to configure devices in the CSM database).
If you use an off-node authentication server for authentication: configure devices on CSM as
well. This will provide access to the following CSM call control management features: call
restrictions, maximum bandwidth, and grouping (in addition to the call logging feature).
well. This will provide access to the following CSM call control management features: call
restrictions, maximum bandwidth, and grouping (in addition to the call logging feature).
•
User Level Security