Hello Jim -
Yes you can add a Filter-Id reply attribute for a particular user by adding it to the list of reply items for that user.
You can also load per-user ACL's for Cisco's as described here:
http://www.open.com.au/radiator/faq.html#67
The FAQ item shows how to do it for all users, but you can use the same thing on a per-user basis.
regards
Hugh
On Tuesday, Aug 26, 2003, at 13:01 Australia/Melbourne, Jim Brown wrote:
This is a good question. There is not much information out there concerning
the filter-ID attribute. I need to add this attribute to a specific user,
allowing only port 80 to a specific IP address. Is that possible?
----- Original Message -----
From: "Dave Birkbeck" <[EMAIL PROTECTED]>
To: "'Tony Bunce'" <[EMAIL PROTECTED]>; "'Sean Watkins (northrock)'"
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, August 25, 2003 7:27 PM
Subject: RE: (RADIATOR) MAx TNT & MSBlast
All,
In addition to having the ACL's that Cisco recommends. Has anyone come up with a Radius ascend-data-filter that will slow down the spread of these crazy viruses? Or better yet, a filter that will block ICMP.
Again, I know this is probably not the list for this discussion, but this topic is definitely for the greater good of the Internet.
That being said does anyone know of a list that discusses various NAS topics?
Thanks,
Dave
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Tony Bunce
Sent: Friday, August 22, 2003 10:38 AM
To: Sean Watkins (northrock); [EMAIL PROTECTED]
Subject: RE: (RADIATOR) MAx TNT & MSBlast
This problem is actually caused by the "good" blaster worm nachi
Nachi pings a host before it trys to spread so it doesn't waist its time
on non-existent hosts. The problem is that each one of those pings
generates an arp request and with such a high number of pings MAX TNT
boxes can't handle the high number of arp request and lock up or reboot
The ping has a specific signature, 92byes all AA as the content, that you can create a policy map for
Cisco has an article on how to block Nachi ICMP traffic on your inbound
router interface
http://www.cisco.com/warp/public/707/cisco-sn-20030820-nachi.shtml
Hope that helps
Thanks, Tony B, CCNA, Network+ Systems Administration GO Concepts, Inc. / www.go-concepts.com Are you on the GO yet? What about those you know, are they on the GO? 513.934.2800 1.888.ON.GO.YET
-----Original Message----- From: Sean Watkins (northrock) [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2003 11:41 AM To: [EMAIL PROTECTED] Subject: (RADIATOR) MAx TNT & MSBlast
Hi,
I know this isn't the place, but any MAX TNT users out there seeing
weird card failures begining with the onslaught of MSBlast? I saw a
news.com article about it... however I can't find any more info. Anyone
know of any active ascend / lucent tnt mailing lists?
Sean
Article Text:
In addition, network administrators reported on a newsgroup that
telecommunications equipment maker Lucent Technologies' TNT MAX network
gateway crashed due to some interaction with traffic created by the
MSBlast worms. A representative for the company confirmed that Lucent
was investigating the issue, but couldn't supply details.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
NB: have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening?
-- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence.
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
