User Guide
OmniAccess SafeGuard OS Administration Guide
237
Chapter 6: Configuring Authentication and Role Derivation
Timeout ....................................... 0
Comment ....................................... unauthenticated printers
(SafeGuard OS) (config) #
Configuring Extended White Lists
Like the simple white list, the extended white list manually sets the authentication state
for a host. In addition to the simple criteria such as subnet and MAC address, the
extended white lists provide the ability to recognize trusted systems based on a range of
criteria such as the source port or VLAN, or the time of day. Extended white lists also
provide the ability to combine these attribute requirements into arbitrarily complex
statements.
To create an extended white list:
1 (Optional) Create one or more attribute rule sets. An attribute rule set is a
collection of match statements. While it is possible to create an extended white list
without using attribute rule sets, an attribute rule set allows many white list
Field Description
ID A unique system-wide ID.
User Name The userid of the client being added to the list.
MAC Address MAC address for the interface of the user. MAC
addresses may be specified in any of the following
formats:
■ aa:bb:cc:dd:ee:ff
■ aabb:ccdd:eeff
■ aa-bb-cc-dd-ee-ff
■ aabb.ccdd.eeff
■ aabbccddeeff
MAC Mask The mask for the MAC address.
IP Address The IP address of the user.
Netmask The mask for the IP address.
Host Name The hostname of the client machine.
Role Name The role assigned to this user.
Auth State Indicates whether the user was able to successfully
authenticate.
Timeout Indicates the force-timeout setting.
Comment A description or comment as to why this entry is being
made.