Right-click the device and then select Configure, or double-click the device.
Select SSG TAL Information from the Category list.
The following information appears:
Max. authorization Requests Rate (cssgTalMaxAuthRate)
Time at Max. Auth. Request (cssgTalMaxAuthRateTimestamp)
Min Authorization Requests Rate (cssgTalMinAuthRate)
Time at Min. Auth. Request (cssgTalMinAuthRateTimestamp)
Current Authorization Requests Rate (cssgTalCurrentAuthRate)
Time at Last Recorded (cssgTalCurrentAuthRateTimestamp)
Reset Athorization Requests Rate (cssgTalResetAuthRates)
Max. Pending Athorization Requests (cssgTalMaxPendingAuthReqs)
Max. Athorization Requests Rate (cssgTalMaxAuthReqsRate)
Drop Packets During Athorization (cssgTalDropPakDuringAuthorization)
Allow Unidentified User Traffic (cssgTalUnidentifiedUserAllowTraff)
Max Suspect Users (cssgTalMaxSuspectUsers)
Maximum rate of authorization requests per second. At a given time, the maximum rate of authorization requests will overwrite the previous value.
This is the local time on the SSG when the maximum rate of authorization requests per second, indicated by cssgTalMaxAuthRate, was recorded.
Minimum rate of authorization requests per second. At a given time, the minimum rate of authorization requests will overwrite the previous value.
This is the local time on the SSG when the minimum rate of authorization requests per second, indicated by cssgTalMinAuthRate, was recorded.
The last recorded rate of authorization requests per second, on SSG.
This is the local time on the SSG when cssgTalCurrentAuthRate, was recorded.
Setting this variable to 'reset' indicates that the minimum and maximum rates of authorization would be reset to the last recorded rate of authorization requests per second. Setting it to 'unknown' will not result in any changes. An snmp-get on this value will always return 'unknown'.
The maximum number of outstanding TAL authorization requests allowed on SSG. If the number of authorization requests goes beyond this value, SSG does a SYS log message and any packets received that would result in SSG sending a new radius request will be dropped at the CEF path itself. When this value is set, it will be applicable from that point onwards. If the number of existing requests exceeds the new values, these requests will not be discarded.
The maximum number of authorization requests per second allowed on SSG. If this value is set, SSG throttles the authorization requests sent per second as per this value.
The value 'true' indicates that any packets that are received from the user during user authorization would be dropped. The value 'false' indicates that the packets will not be dropped.
The value 'true' indicates that traffic from/to unidentified users would be allowed. A value of 'false' indicates that traffic from/to unidentified users will not be allowed.
The maximum number of suspect users allowed.
The timeout value for a suspect user in minutes. If a packet is received for a suspect user, then packets from/to this user will be dropped/tcp-redirected, until a value of cssgTalSuspectUserTimeout is reached. After this timeout, any new traffic received by SSG from the suspect user will trigger the TAL procedure all over again.
The timeout value for an unidentified user in minutes. After this
time expiry, authorization will be done again when a packet is
received from this user.