Filter
Top Products
Configuring groups and extended profiles 163
ATTENTION
If you ran the quick setup wizard during initial setup, two client filters have been
created: nha_passed (filter ID = 1) and nha_failed (filter ID = 2).
The Client Filter menu includes the following options:
Table 27
Configuring client filters
/cfg/doamin #/aaa/filter <filter ID>
followed by:
name <name> Names or renames the filter. After you have
defined a name for the filter, you can use either
the filter name or the filter ID to access the Client
Filter menu.
• name is a string that must be unique in the
domain. The maximum length of the string is
255 characters.
You reference the client filter name when
configuring the extended profile.
nha
true|false|ignore
Specifies whether passing or failing the Nortel
Health Agent host integrity check triggers the filter.
• true—the client filter triggers when the Nortel
Health Agent check succeeds.
• false—the client filter triggers when the Nortel
Health Agent check fails.
•
ignore—passing or failing the Nortel Health
Agent check will not trigger the client filter.
The default is ignore.
For example, in order to grant limited access rights
to users who fail the Nortel Health Agent check, set
the nha value to false, create an extended profile
that references this client filter, and then map the
extended profile to a restrictive VLAN.
For information about configuring the Nortel Health
Agent checks, see “Configuring the Nortel Health
Agent check” (page 92).
comment <comment>
Creates a comment about the client filter.
del
Removes the client filter from the current
configuration.
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100 03.01 Standard
28 July 2008
Copyright © 2007, 2008 Nortel Networks
.