Command Reference: set auth

set auth

Use the set auth command to

Configure access permissions to device/terminal server serial ports for users making outbound calls
Display outbound call permission levels to device/terminal server serial ports
Delete a range of entries from the auth table

The set auth command is a very powerful tool for limiting outbound call access to device/terminal server ports. There are, however, a few rules you must understand in order to use this command to produce the configuration results you intend:

The default for a port is unrestricted access. This means that all IP addresses and RealPort drivers have unrestricted access to the port to make outbound calls unless you use the set auth command to change this.
When you use the set auth command to require a login for a particular IP address (or range of addresses), all other IP addresses continue to have unrestricted access to the port.
When you use the set auth command to grant unrestricted access to a particular IP address (or range of addresses), all other IP addresses are required to login.
When you use the set auth command to specify an IP address and range of ports but no permission levels, the IP address will not be able use the port because it has been assigned neither login nor unrestricted access to the port.
Use the mask field to extend the scope of the set auth command to a range of IP addresses. In each mask position that a binary 1 appears, the incoming address must match perfectly with the address specified on the ip field.
The range field is sensitive to the context in which it is used. When you configure access permissions, it specifies a range of ports. When you display an entry or remove one (using the rmauth field) from the auth table, it refers to an auth table index number, which is the way an auth table entry is identified.

The auth table is limited to 20 entries.

Anyone can use the set auth command to display auth table entries. Root privileges are required to configure access permissions or to remove entries from the auth table.

Command Syntax

Configuration Syntax

Enter the set auth command as shown below to configure auth table entries.

set auth [ip=ip_addr] [mask=ip_mask] [login=none|range] [range=range] [realport=none|range] [unrestricted=none|range] [rmauth=ip_addr|on]

Display Syntax

Enter the set auth command as shown below to display auth table entries.

set auth [range=range]

Delete Syntax

Enter the set auth command as shown below to delete entries from the auth table.

set auth range=range rmauth=on

Command Fields

Command Field	Description
ip	Specifies the IP address of the device to which this set auth command applies.
login	Configures login requirements to the range of ports specified for the IP address specified. Users with other IP addresses continue to have unrestricted access to these ports.
mask	Specifies an IP mask used to extend the scope of this set auth command to a range of IP addresses. See the examples that follow for more information on using the ip and mask fields together.
range	Specifies one of the following: A range of ports to which this set auth command applies when you configure port access A range of auth table entries (identified by an index number) to which this set auth command applies when you use the rmauth option
realport	Configures access for the RealPort drivers running on the devices identified by the ip and mask fields to the specified range of ports The default is that RealPort can access a port. Unless you use the set auth command to configure a port to restrict RealPort access, RealPort drivers can access that port.
unrestricted	Configures unrestricted access for the IP address specified to the range of ports specified.
rmauth	`ip_addr` - is an ip address to remove from the auth table. on - makes the command apply to the auth table entries defined in the range field.

Command Examples

Display the Entire Auth Table

In this example, the set auth command displays the entire auth table.

set auth

Display Setting for a Range of Entries

In this example, the set auth command displays a range of auth table entries.

set auth range=1-8

Configure RealPort Access

In this example of a TCP/IP Class C network, the set auth command configures

RealPort running on any host on network 199.150.150.10 with unrestricted access to ports 1 through 8
Users with other IP addresses with log in access
set auth ip=199.150.150.10 mask=255.255.255.0 realport=1-8 unrestricted=1-8

set auth ip=199.150.150.10 mask=255.255.255.0 realport=1-8 unrestricted=1-8

Configure Unlimited Access to a Port

In this example, the set auth command configures

Telnet users on host 199.150.150.16 to access port 1 without logging in
All other users to log in
set auth ip=199.150.150.16 mask=0.0.0.0 unrestricted=1

set auth ip=199.150.150.16 mask=0.0.0.0 unrestricted=1

Configuring Mixed Access

In this example, the set auth command configures

The user at IP address 199.150.150.16 with log in access to ports 2 and 3 and unrestricted access to ports 4 and 5
All other users for unrestricted access to ports 2 and 3 and log in access to ports 4 and 5
set auth range=2-4 ip=199.150.150.16 login=2-3 unrestricted=4-5

set auth range=2-4 ip=199.150.150.16 login=2-3 unrestricted=4-5

Removing an IP Address from the Auth Table

In this example, the set auth command removes an entry from the auth table by specifying an IP address.

set auth ip=199.150.150.16 rmauth=on

Removing an Entry from the Auth Table

In this example, the set auth command removes an entry by specifying a range of entries in the auth table.

set auth rmauth=on range=1-2