3com WX2200 3CRWX220095A Manual Do Utilizador
258
C
HAPTER
8: AAA C
OMMANDS
For user-glob, specify a username, use the double-asterisk wildcard
character (**) to specify all usernames, or use the single-asterisk
wildcard character (*) to specify a set of usernames up to or following
the first delimiter character, either an at sign (@) or a period (.). (For
details, see “User Globs” on page 30.)
character (**) to specify all usernames, or use the single-asterisk
wildcard character (*) to specify a set of usernames up to or following
the first delimiter character, either an at sign (@) or a period (.). (For
details, see “User Globs” on page 30.)
before
rule-number
— Inserts the new location policy rule in front of
another rule in the location policy. Specify the number of the existing
location policy rule. (To determine the number, use the display
location policy command.)
location policy rule. (To determine the number, use the display
location policy command.)
modify
rule-number
— Replaces the rule in the location policy with
the new rule. Specify the number of the existing location policy rule.
(To determine the number, use the display location policy
command.)
(To determine the number, use the display location policy
command.)
port
port-list
— List of physical port(s) that determines if the
location policy rule applies.
Defaults — By default, users are permitted VLAN access and assigned
security ACLs according to the VLAN-Name and Filter-Id attributes applied
to the users during normal authentication and authorization.
security ACLs according to the VLAN-Name and Filter-Id attributes applied
to the users during normal authentication and authorization.
Access — Enabled.
History —Introduced in MSS Version 3.0. SSID option added in MSS
Version 3.2.
Version 3.2.
Usage — Only a single location policy is allowed per WX switch. Once
configured, the location policy becomes effective immediately. To disable
location policy operation, use the clear location policy command.
configured, the location policy becomes effective immediately. To disable
location policy operation, use the clear location policy command.
Conditions within a rule are AND’ed. All conditions in the rule must
match for MSS to take the specified action. If the location policy contains
multiple rules, MSS compares the user information to the rules one at a
time, in the order the rules appear in the WX configuration file,
beginning with the rule at the top of the list. MSS continues comparing
until a user matches all conditions in a rule or until there are no more
rules.
match for MSS to take the specified action. If the location policy contains
multiple rules, MSS compares the user information to the rules one at a
time, in the order the rules appear in the WX configuration file,
beginning with the rule at the top of the list. MSS continues comparing
until a user matches all conditions in a rule or until there are no more
rules.
The order of rules in the location policy is important to ensure users are
properly granted or denied access. To position rules within the location
policy, use before rule-number and modify rule-number in the set
location policy command, and the clear location policy rule-number
command.
properly granted or denied access. To position rules within the location
policy, use before rule-number and modify rule-number in the set
location policy command, and the clear location policy rule-number
command.