User Guide
132 Chapter 4 Configuring the domain
320818-A
Configuring the TunnelGuard check using the CLI
Before an authenticated client is allowed into the network, the TunnelGuard
application checks client host integrity by verifying that the components required
for the client’s personal firewall (executables, DLLs, configuration files, and so
on) are installed and active on the client PC. For more information about how the
TunnelGuard check operates in the Nortel SNA solution, see “TunnelGuard host
integrity check” on page 37.
If you ran the quick setup wizard during the initial setup or to create the domain,
the TunnelGuard check has been configured with default settings and the check
result you selected (teardown or restricted). You can rerun the TunnelGuard
portion of the quick setup wizard at any time by using the
/cfg/domain #/aaa/tg/quick command (see “Using the quick TunnelGuard
setup wizard in the CLI” on page 134).
To configure settings for the TunnelGuard host integrity check and the check
result, use the following command:
/cfg/domain #/aaa/tg
The TG menu displays.
The TG menu includes the following options:
/cfg/domain #/aaa/tg
followed by:
quick
Launches the quick TunnelGuard setup wizard, in
order to configure default TunnelGuard check settings
and the check result (see “Using the quick TunnelGuard
setup wizard in the CLI” on page 134).
recheck <interval>
Sets the time interval between SRS rule rechecks
made by the TunnelGuard applet on the client machine.
• interval is an integer that indicates the time
interval in seconds (
s), minutes (m), or hours (h).
The valid range is 60s (1m) to 86400s (24h). The
default is 15m (15 minutes).
If a recheck fails, the Nortel SNAS 4050 performs the
action specified in the
action command (see
page 133).