210 CHAPTER 7: AAA COMMANDS
filter-id Inbound or outbound
ACL to apply to the
user.
If configured in the WX switch’s local
database, this attribute can be an
access control list (ACL) to filter
outbound or inbound traffic. Use the
following format:
filter-id inboundacl.in
or
filter-id outboundacl.out
If you are configuring the attribute on
a RADIUS server, the value field of
filter-id can specify up to two ACLs.
Any of the following are valid:
filter-id = "Profile=acl1"
filter-id = "OutboundACL=acl2"
filter-id = "Profile=acl1
OutboundACL=acl2"
(Each example goes on a single line on
the server.) The format in which to
specify the values depends on the
RADIUS server.
Regardless of whether the attributes
are defined locally or on a RADIUS
server, the ACLs must already be
configured on the WX switch.
(For more information, see “Mapping
User-Based Security ACLs” on
page 242.)
idle-timeout This option is not implemented in the current MSS version.
mobility-profile
(network access
mode only)
Mobility Profile attribute
for the user. (For more
information, see set
mobility-profile on
page 215.)
Name of an existing Mobility Profile,
which can be up to 32 alphanumeric
characters, with no tabs or spaces.
If the Mobility Profile feature is
enabled, and a user is assigned the
name of a Mobility Profile that does
not exist on the WX switch, the user is
denied access.
Table 40 Authentication Attributes for Local Users (continued)