User Guide
196 Chapter 5 Configuring groups and profiles
320818-A
Before you begin
Before you configure groups, client filters, and extended profiles on the Nortel
SNAS 4050, complete the following tasks:
1 Create the linksets, if desired (see “Linksets and links” on page 394).
2 Create the SRS rules (see “TunnelGuard SRS Builder” on page 317).
3 If authentication services have already been configured, ascertain the group
names used by the authentication services.
Group names defined on the Nortel SNAS 4050 must correspond to group
names used by the authentication services. Table 30 summarizes the
requirements for the various authentication methods.
Configuring groups and extended profiles using the CLI
The basic steps to configure groups and extended profiles on the Nortel
SNAS 4050 using the CLI are:
1 Configure the group (see “Configuring groups using the CLI” on page 198).
2 Configure the client filters that will be referenced in the extended profiles (see
“Configuring client filters using the CLI” on page 201). The client filters can
be referenced by all extended profiles in the domain.
Table 30
Group names in the Nortel SNAS 4050 and authentication services
Authentication method
Group name on the Nortel SNAS 4050 must correspond
to...
RADIUS A group name defined in the vendor-specific attribute used by
the RADIUS server. Contact your RADIUS system
administrator for information.
LDAP A group name defined in the LDAP group attribute used by
the LDAP server. Contact your LDAP system administrator for
information.
Local database A group name used in the database. The group name is for
internal use to control access to intranet resources according
to the associated access rules. When you add a user to the
local database, you map the user to one or more of the
defined user groups.