Nortel Networks 4050 사용자 설명서
202 Chapter 5 Configuring groups and profiles
320818-A
The
Client Filter
menu includes the following options:
/cfg/domain 1/aaa/filter <filter ID>
followed by:
name <name>
Names or renames the filter. After you have defined a
name for the filter, you can use either the filter name or
the filter ID to access the Client Filter menu.
name for the filter, you can use either the filter name or
the filter ID to access the Client Filter menu.
•
name
is a string that must be unique in the domain.
The maximum length of the string is 255
characters.
characters.
You reference the client filter name when configuring
the extended profile.
the extended profile.
tg true|false|ignore
Specifies whether passing or failing the TunnelGuard
host integrity check triggers the filter.
host integrity check triggers the filter.
•
true
— the client filter triggers when the
TunnelGuard check succeeds.
•
false
— the client filter triggers when the
TunnelGuard check fails.
•
ignore
— passing or failing the TunnelGuard
check will not trigger the client filter.
The default is
ignore
.
For example, in order to grant limited access rights to
users who fail the TunnelGuard check, set the
users who fail the TunnelGuard check, set the
tg
value
to
false
, create an extended profile that references
this client filter, and then map the extended profile to a
restrictive VLAN.
restrictive VLAN.
For information about configuring the TunnelGuard
checks, see
checks, see
comment <comment>
Creates a comment about the client filter.
del
Removes the client filter from the current configuration.