Alcatel-Lucent 8950 AAA Computer Accessories User Manual


  Open as PDF
of 476
 
............................................................................................................................................................................................................................................................
Using the Policy WizardUsing the 8950 AAA Policy Assistant in Server
Management Tool
9-14
365-360-001R6.0
Issue 1, December 2008
............................................................................................................................................................................................................................................................
By default, if you choose to save accounting data to an SQL database, the PolicyAssistant
uses the built-in 8950 AAA database. Accounting records can be managed by using the
Database Tools panel.
If you want to forward your accounting data to a remote server, select Proxy Accounting
Information. This option is available regardless of the processing option you choose in
the top frame of this panel.
Click Next to set user and session limits. The User and Session Limits panel appears as
shown in Figure 9-7.
Defining Policy Limits
Figure 9-7 User Session and Policy Limits Panel in the Policy Wizard
The User Session Limits setting sets the maximum number of concurrent sessions that a
user may have. The Policy Limits setting indicates the maximum number of concurrent
sessions that may be open among all users whose access was controlled by this policy.
The 8950 AAA server checks user session and policy limits independently. If either limit
is exceeded 8950 AAA rejects the access request.
For example, assume there is policy for all users at the realm “myisp.com” and in that
policy User Session Limits is set to 1 and Policy Limits is set to 3.
The users user1@myisp.com, user2@myisp.com, and user3@myisp.com all log in to the
network. At this point, the session count for each is 1, so any attempt by these users to log
in and start another session, would be rejected. The session count for the policy, is 3. If
 previous next