User Guide
Chapter 4 Configuring the domain 133
Nortel Secure Network Access Switch 4050 User Guide
heartbeat <interval>
Sets the time interval between checks for client activity.
•
interval is an integer that indicates the time
interval in seconds (
s), minutes (m), or hours (h).
The valid range is 60s (1m) to 86400s (24h). The
default is 1m (1 minute).
hbretrycnt <count>
Specifies the number of times the Nortel SNAS 4050
will repeat the check for client activity when no
heartbeat is detected.
•
count is an integer in the range 1–65535 that
indicates the number of retries. The default is 3.
If no heartbeat is detected after the specified number of
retries (the inactivity interval), the Nortel SNAS 4050
default behavior is to terminate the session (see
/cfg/domain #/aaa/tg/status-quo).
status-quo on|off
Specifies whether the Nortel SNAS 4050 domain
operates in status-quo mode. Status-quo mode
determines the behavior of the Nortel SNAS 4050 if no
client activity is detected after the inactivity interval
(
heartbeat x hbretrycnt). The options are:
•
on — the client session continues indefinitely
• off — the Nortel SNAS 4050 terminates the
session immediately
The default is off.
action
teardown|restricted
Specifies the action to be performed if the client fails
the TunnelGuard SRS rule check. The options are:
• restricted — the session remains intact, but
access is restricted in accordance with the rights
specified in the access rules for the group
•
teardown — the SSL session is torn down
list
Lists the SRS rules configured for the domain.
For information about creating SRS rules, see
“TunnelGuard SRS Builder” on page 317.
The TunnelGuard applet can apply different SRS rules
for different groups. For information about specifying
the SRS rule to use for the TunnelGuard check, see
“Configuring groups using the CLI” on page 198.
/cfg/domain #/aaa/tg
followed by: