SSG TAL Information

Procedure

  1. Right-click the Multi-Processor WAN Application Module (MWAM) and then select Configure, or double-click the module.

  2. Select MWAM module from the Category list.

  3. Select a row and click Configure.

  4. Select SSG TAL Information from the Category list.

The following information appears:

Max. authorization Requests Rate (cssgTalMaxAuthRate)

Time at Max. Auth. Request (cssgTalMaxAuthRateTimestamp)

Min Authorization Requests Rate (cssgTalMinAuthRate)

Time at Min. Auth. Request (cssgTalMinAuthRateTimestamp)

Current Authorization Requests Rate (cssgTalCurrentAuthRate)

Time at Last Recorded (cssgTalCurrentAuthRateTimestamp)

Reset Athorization Requests Rate (cssgTalResetAuthRates)

Max. Pending Athorization Requests (cssgTalMaxPendingAuthReqs)

Max. Athorization Requests Rate (cssgTalMaxAuthReqsRate)

Drop Packets During Athorization (cssgTalDropPakDuringAuthorization)

Allow Unidentified User Traffic (cssgTalUnidentifiedUserAllowTraff)

Max Suspect Users (cssgTalMaxSuspectUsers)

Suspect User Timeout (cssgTalSuspectUserTimeout)

Unidentified User Timeout (cssgTalUnidentifiedUserTimeout)


Max. authorization Requests Rate (cssgTalMaxAuthRate)

Maximum rate of authorization requests per second. At a given time, the maximum rate of authorization requests will overwrite the previous value.


Time at Max. Auth. Request (cssgTalMaxAuthRateTimestamp)

This is the local time on the SSG when the maximum rate of authorization requests per second, indicated by cssgTalMaxAuthRate, was recorded.


Min Authorization Requests Rate (cssgTalMinAuthRate)

Minimum rate of authorization requests per second. At a given time, the minimum rate of authorization requests will overwrite the previous value.


Time at Min. Auth. Request (cssgTalMinAuthRateTimestamp)

This is the local time on the SSG when the minimum rate of authorization requests per second, indicated by cssgTalMinAuthRate, was recorded.


Current Authorization Requests Rate (cssgTalCurrentAuthRate)

The last recorded rate of authorization requests per second, on SSG.


Time at Last Recorded (cssgTalCurrentAuthRateTimestamp)

This is the local time on the SSG when cssgTalCurrentAuthRate, was recorded.


Reset Athorization Requests Rate (cssgTalResetAuthRates)

Setting this variable to 'reset' indicates that the minimum and maximum rates of authorization would be reset to the last recorded rate of authorization requests per second. Setting it to 'unknown' will not result in any changes. An snmp-get on this value will always return 'unknown'.


Max. Pending Athorization Requests (cssgTalMaxPendingAuthReqs)

The maximum number of outstanding TAL authorization requests allowed on SSG. If the number of authorization requests goes beyond this value, SSG does a SYS log message and any packets received that would result in SSG sending a new radius request will be dropped at the CEF path itself. When this value is set, it will be applicable from that point onwards. If the number of existing requests exceeds the new values, these requests will not be discarded.


Max. Athorization Requests Rate (cssgTalMaxAuthReqsRate)

The maximum number of authorization requests per second allowed on SSG. If this value is set, SSG throttles the authorization requests sent per second as per this value.


Drop Packets During Athorization (cssgTalDropPakDuringAuthorization)

The value 'true' indicates that any packets that are received from the user during user authorization would be dropped. The value 'false' indicates that the packets will not be dropped.


Allow Unidentified User Traffic (cssgTalUnidentifiedUserAllowTraff)

The value 'true' indicates that traffic from/to unidentified users would be allowed. A value of 'false' indicates that traffic from/to unidentified users will not be allowed.


Max Suspect Users (cssgTalMaxSuspectUsers)

The maximum number of suspect users allowed.


Suspect User Timeout (cssgTalSuspectUserTimeout)

The timeout value for a suspect user in minutes. If a packet is received for a suspect user, then packets from/to this user will be dropped/tcp-redirected, until a value of cssgTalSuspectUserTimeout is reached. After this timeout, any new traffic received by SSG from the suspect user will trigger the TAL procedure all over again.


Unidentified User Timeout (cssgTalUnidentifiedUserTimeout)

The timeout value for an unidentified user in minutes. After this time expiry, authorization will be done again when a packet is received from this user.