Filter
Top Products
Working with public access attributes
Colubris AV-Pair attribute - Site values
By default this feature listens to TCP port 8088 on the LAN port. However, it can be
configured to capture other ports. This is done by defining an access list and DNAT server.
For example:
HTTP-Proxy-Upstream=myproxy.com:8888
Access-List=mylist,DNAT-SERVER,tcp,*mydomain.com,80
Use-access-list=mylist
DNAT-Server=mylist,192.168.1.1,8088
This forces any traffic any incoming traffic with a target address inside mydomain.com to be
redirected to the internal HTTP proxy. Then, because of the HTTP-Proxy-Upstream
keyword, the traffic is forwarded to myproxy.com.
Note The HTTP-Proxy-Upstream definition must exclude any traffic addressed to the service
controller public access interface, otherwise HTML-based user’s will not be able to login.
Syntax
HTTP-Proxy-Upstream=hostname:port
Where:
Parameter Description
hostname
Specify the IP address or domain name of the proxy server. Maximum
length is 253 characters.
port
Specify the port on the proxy server. Range: 1 to 65535.
IPass login URL
This keyword lets you define the location of the IPass login page. The service controller will
automatically redirect users with IPass client software to this page.
Syntax
ipass-login-url=URL_of_page
Where:
Parameter Description
URL_of_page
Address of the IPass login page.
MAC authentication
The service controller can authenticate devices based on their MAC address. This is useful
for authenticating devices that do not have a Web browser (cash registers, for example). It
can also be used to authenticate an AP.
9-53