User Guide
OmniAccess SafeGuard OS Administration Guide
206
Chapter 6: Configuring Authentication and Role Derivation
Displaying Trusted Server Information
To review the current trusted server configuration, use the show aaa trusted-server
command in Privileged Exec mode:
show aaa session-tracking trusted-server
This command has no options or parameters. Output of the command is similar to this
example:
(SafeGuardOS) #show aaa session-tracking trusted-server
Trusted Servers
---------------
Number of Rows:1
Server Allowed Protocols Denied Protocols
------ ----------------- ----------------
1.2.3.4 DHCP,LSP KRB,RADIUS
(SafeGuardOS) #
Maintaining the Host Mapping Table
SafeGuard OS creates a set of mappings between MAC and IP addresses on the network.
All traffic with the same MAC address is assumed to have originated from the same host.
To build up these mappings, the system processes the following events:
■ DHCP traffic – The system can detect the DHCP traffic and determine which IP
address has been assigned to a client.
■ Static IP traffic – This is the traffic seen in the data path by the SafeGuard
Processor (LSP).
Entries are aged from the mapping table after an idle period (default 30 minutes after the
last detected flow). After idle period, connectivity will timeout.
To display the contents of the mapping table, see Displaying the Current Contents of the
Mapping Table on page 208.
Field Description
Server Indicates the server name or the default server.
Allowed Protocols Indicates all protocols that are configured as permitted.
Denied Protocols Indicates all protocols that are configured as denied.