3com WX1200 User Manual

C

HAPTER

 8: AAA C

OMMANDS

end-date

Date and time after 
which the user is no 
longer allowed to be on 
the network. 

Date and time, in the following 
format:

You can use end-date alone or with 
start-date. You also can use 
start-date, end-date, or both in 
conjunction with time-of-day.

filter-id

Inbound or outbound 
ACL to apply to the 
user.

If configured in the WX switch’s local 
database, this attribute can be an 
access control list (ACL) to filter 
outbound or inbound traffic. Use the 
following format:

filter-id inboundacl.in

or 

filter-id outboundacl.out

If you are configuring the attribute on 
a RADIUS server, the value field of 
filter-id can specify up to two ACLs. 
Any of the following are valid: 

filter-id = "Profile=acl1"

filter-id = "OutboundACL=acl2"

filter-id = "Profile=acl1 
OutboundACL=acl2"

(Each example goes on a single line on 
the server.) The format in which to 
specify the values depends on the 
RADIUS server.

Regardless of whether the attributes 
are defined locally or on a RADIUS 
server, the ACLs must already be 
configured on the WX switch.

idle-timeout

This option is not implemented in the current MSS version.

mobility-profile

(network access 
mode only)

Mobility Profile attribute 
for the user. (For more 
information, see set 
mobility-profile on 
page 255.)

Name of an existing Mobility Profile, 
which can be up to 32 alphanumeric 
characters, with no tabs or spaces. 

If the Mobility Profile feature is 
enabled, and a user is assigned the 
name of a Mobility Profile that does 
not exist on the WX switch, the user is 
denied access.

Table 44   Authentication Attributes for Local Users (continued)