TMS zl Management and Configuration Guide ST.1.2.100916
A-106
Command-Line Reference
Global Configuration Context
If you do not use the domain-name option, the server will be placed in the global
domain. Users who log in without a domain name or with a domain name not
assigned to another server are authenticated to this server.
Note You must enter the domain-name option to specify the strip-domain option.
If you want to the strip the domain from requests to a server that is not assigned
a domain name, enter global for the domain-name option.
For example, to add a RADIUS server with the IP address 10.10.10.10 and to
specify “password” as the secret key, TMS as the NAS ID, and a domain name
of “hp.com,” enter the following command:
hostswitch(tms-module-<slot ID>)# radius-server host
10.10.10.10 secret password nas-id tms domain-name hp.com
To delete a specified RADIUS server, enter the following command:
Syntax: no radius-server host <IP address> domain-name <domain name>
Replace <IP address> with the IP address of the RADIUS server.
Replace <domain name> with the domain name associated with your RADIUS
server. If the RADIUS server was not associated with a domain, you must
replace <domain name> with global.
rate-limit
This command allows you to set rate limits on your firewall access policies.
To configure rate limiting on a firewall access policy, you will need to know
the user group and rule ID of the access policy. You can configure the following
parameters:
■ Absolute maximum number of connections
■ Maximum number of connections for a specified time period
■ Maximum number of kilobytes for a specified time period
■ Maximum number of packets for a specified time
You can configure any combination of these parameters.
To configure rate limiting, enter the following command:
Syntax: rate-limit [group <group name> ] id <rule ID> [<rate limiter> <limiting
parameters>]
Replace <group name> with the name of the group to which the firewall policy
applies. This parameter is optional.