Manualshelf

HP-UX AAA Server A.07.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
151152153154155156157158159160
on the network. Session limits are defined through A-V pairs. These limits can be
enforced on a user-by-user or global basis.
Setting Limits on a User-by-User Basis
If the user profile does not currently exist, follow the appropriate procedure to create
a new profile. If the user profile does exist, access the user profile from the text file or
database that stores the profile.
Setting Timeout Values
If the user profile is stored in a AAA server flat file:
1. Select the General tab from the User Attributes screen.
2. Assign a Session Timeout value to limit how many seconds the user can access
the service.
3. Assign an Idle Timeout value to limit how many consecutive seconds of idle
connection time can pass before the session is terminated.
If the user profile is stored in an LDAP LDIF file, add the following lines to the user
profile:
aaaReply: Session-Timeout = Number-seconds
aaaReply: Idle-Timout = Number-seconds
Establishing a Filter
1. Define the filter on your network device according to the hardware instructions.
The filter definition should include a filter ID.
2. Associate the user profile with the filter ID.
If the user profile is stored in a AAA server users file (grouped by realm or
the default file), select the General tab from the User Attributes screen and
specify the ID in the Filter ID field.
If the user profile is stored in an LDAP LDIF file, add the following line to the
user profile:
aaaReply: Filter-ID = value
Limiting Access Points (NAS-Port, NAS-ID, Calling-Station ID, and others)
You can control what connection point a user must use to access your network by
restricting access to specific NASs or phone numbers.
154 Managing Sessions