Skspruce Technologies Inc. WIA3200 User Manual

55 JadeOS User Manual
user table. 
9.2.2 User Role and ACL 
A user role defines the user's network access. JadeOS specifies the network access of a user by ACL. To create a user role in JadeOS, you first create a session ACL and then apply the ACL to the user role.
To create a user role, use the following steps:
Step 1    Configure a session ACL named pre-auth-acl.
  (JadeOS) (config) #ip access-list session pre-auth-acl
Step 2    Configure network access. Rules are matched in order: DNS is permitted first, then all other TCP and UDP traffic is redirected to 10.0.0.2 port 443 by destination NAT.
  (JadeOS) (config-sess-pre-auth-acl)#any any udp 53 permit
  (JadeOS) (config-sess-pre-auth-acl)#any any tcp 0 65535 dst-nat ip 10.0.0.2 443
  (JadeOS) (config-sess-pre-auth-acl)#any any udp 0 65535 dst-nat ip 10.0.0.2 443
Step 3    Create a user role named pre-auth.
  (JadeOS) (config) #user-role pre-auth
Step 4    Apply the session ACL to the user role.
  (JadeOS) (config-role) #session-acl pre-auth-acl
 
The attribute list supported by user role:

Attribute                    Description
access-list                  Apply an access list to the user role
bandwidth-contract           Set the maximum bandwidth
max-sessions                 Set the datapath session limit (64k by default)
reauthentication-interval    Configure the re-authentication interval
session-acl                  Apply a session ACL to the user role
vlan                         Assign a VLAN to the user role
9.2.3 Access Policy Based on User Role 
Before a user successfully authenticates, JadeOS assigns an initial role to the user (the role before authentication); after the user successfully authenticates, JadeOS assigns a new role to the user (the role after authentication). Network administrators can flexibly control network access by configuring ACLs.
For example, configure a user role named pre-auth that permits DNS traffic but redirects all other traffic to port 443 by DNAT to perform authentication; configure a user role named post-auth that allows all traffic. Use the following steps:
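The following is an added example, not part of the JadeOS manual: a small model of how the pre-auth-acl configured in Step 2 and the pre-auth/post-auth role policy described above decide the fate of a flow. Rule matching is assumed to be first match wins with an implicit deny, and the flows and IP addresses are constructed for illustration.

```python
# Added example (not JadeOS code): first-match evaluation of a session ACL
# with permit and dst-nat actions, as used by the pre-auth and post-auth roles.
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Rule:
    proto: str        # "tcp", "udp" or "any" (source/destination are "any any")
    port_lo: int      # destination port range, inclusive
    port_hi: int
    action: str       # "permit", "deny" or "dst-nat"
    nat_to: Optional[Tuple[str, int]] = None   # (ip, port) used by dst-nat

@dataclass(frozen=True)
class Flow:
    dst_ip: str
    proto: str
    dst_port: int

def evaluate(acl: List[Rule], flow: Flow) -> Tuple[str, str, int]:
    """Return (action, dst_ip, dst_port) after the first matching rule.
    Rules are checked top-down; a flow matching no rule is denied (assumption)."""
    for r in acl:
        if r.proto not in ("any", flow.proto):
            continue
        if not (r.port_lo <= flow.dst_port <= r.port_hi):
            continue
        if r.action == "dst-nat":
            ip, port = r.nat_to          # rewrite destination to the portal
            return ("dst-nat", ip, port)
        return (r.action, flow.dst_ip, flow.dst_port)
    return ("deny", flow.dst_ip, flow.dst_port)

PORTAL = ("10.0.0.2", 443)               # authentication portal from Step 2
PRE_AUTH_ACL = [                         # pre-auth-acl, same order as Step 2
    Rule("udp", 53, 53, "permit"),
    Rule("tcp", 0, 65535, "dst-nat", PORTAL),
    Rule("udp", 0, 65535, "dst-nat", PORTAL),
]
POST_AUTH_ACL = [Rule("any", 0, 65535, "permit")]   # post-auth: allow all

def role_decision(role: str, flow: Flow) -> Tuple[str, str, int]:
    """Apply the ACL bound to the given role (pre-auth or post-auth)."""
    acl = PRE_AUTH_ACL if role == "pre-auth" else POST_AUTH_ACL
    return evaluate(acl, flow)

if __name__ == "__main__":
    # constructed sample flows using TEST-NET addresses
    for f in (Flow("192.0.2.53", "udp", 53), Flow("192.0.2.80", "tcp", 80)):
        print(f, "pre-auth:", role_decision("pre-auth", f),
              "post-auth:", role_decision("post-auth", f))
```

Reordering the ACL so the catch-all dst-nat rules precede the DNS permit would redirect DNS to the portal as well, which is why the permit comes first in Step 2.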