Filter
Top Products
7-2
Cisco 10000 Series Router Service Selection Gateway Configuration Guide
OL-4387-02
Chapter 7 Service Profiles and Cached Service Profiles
Service Profiles
Upstream Access Control List
Specifies either an IOS standard access control list or an extended access control list to be applied to
upstream traffic coming from the user.
Cisco-AVpair = “ip:inacl[#
numbe
r]={
standard-access-control-list
|
extended-access-control-lis
t}”
Domain Name
(Optional) Specifies domain names that get DNS resolution from the DNS server(s) specified by the
DNS server address.
Service-Info = “
Oname
1[;
name
2
]..
.
[;name
X]”
Full Username
Indicates that RADIUS authentication and accounting requests use the full username (user@service).
Service-Info = “X”
MTU Size
Specifies the PPP MTU size of the SSG as a LAC. By default, the PPP MTU size is 1500 bytes.
Service-Info = "
Bsiz
e"
Note In Directory Enabled Service Selection Subscription (DESS) mode, SESM does not support the use of
this attribute.
RADIUS Server
Specifies the remote RADIUS servers that SSG uses to authenticate, authorize, and perform accounting
for a service logon for a proxy service type. This attribute is only used in proxy service profiles and is
required.
You can configure each remote RADIUS server with timeout and retransmission parameters. SSG will
perform failover among the servers.
Service-Info =
“
SRadius-server-addres
s;
auth-por
t;
acct-por
t;
secret-ke
y[;
retran
s;
timeou
t;
deadtim
e]”
Service Authentication Type
Specifies whether the SSG uses the CHAP or PAP protocol to authenticate users for proxy services.
Service-Info = "
Aauthen-typ
e"