TMS zl Management and Configuration Guide ST.1.0.090213

A-66

Threat Management Services zl Module Command-Line Reference

Global Configuration Context

Replace <domain name> with the domain name associated with your

RADIUS server.

On the TMS zl Module, users submit their username followed by @<domain

name>. Use the optional strip domain segment to strip the domain name

from the credentials.

For example, to add a primary RADIUS authentication server with the IP

address 10.10.10.10 and to specify “procurve” as the secret key, 10.10.15.18 as

the NAS ID, and a domain name of “procurve.com,” enter the following

command:

ProCurve(tms-module-<slot ID>)# radius-server host

10.10.10.10 authentication secret procurve nas-id

10.10.15.18 domain-name procurve.com server-role primary

To delete a specified RADIUS server, enter the following command:

Syntax: no radius-server host <host IP address> < authentication | accounting >

domain-name <domain name> [server-role < primary | backup > ]

Replace <host IP address> with the IP address of the RADIUS server.

Replace <domain name> with the domain name associated with your

RADIUS server.

rate-limit

This command allows you to set rate limits on your firewall access policies.

To configure rate limiting on a firewall access policy, you will need to know

the user group and rule ID of the access policy. You can configure the following

parameters:

■ Absolute maximum number of connections

■ Maximum number of connections for a specified time period

■ Maximum number of kilobytes for a specified time period

■ Maximum number of packets for a specified time

You can configure any combination of these parameters.

To configure rate limiting, enter the following command:

Syntax: rate-limit [group <group name> ] id <rule ID> [<rate limiter> <limiting param-

eters>]

Replace <group name> with the name of the group to which the firewall

policy applies. This parameter is optional.