The following example displays a user-specific VSA configuration. This configuration shows attributes for users named ruser1 and ruser2.
The following example shows that user ruser1 is granted console access. ruser1’s home directory is in compact flash slot 3 and is limited to the home directory. The default action allows all packets when matching conditions are not met. The timetra-cmd parameters allow or deny the user to use the tools>telnet>configure system security commands. Matching strings specified in the timetra-action command are denied for this user because the timetra-action is deny.
The user ruser2 is granted FTP access.The default action denies all packets when matching conditions are not met. The timetra-cmd parameters allow the user to use the configure, show, and debug commands. Matching strings specified in the timetra-action command are permitted for this user.
users.timetra
ruser1 Auth-Type := System, Password == "ruser1"
Service-Type = Login-User,
Idle-Timeout = 600,
Timetra-Access = console,
Timetra-Home-Directory = cf1:
Timetra-Restrict-To-Home = true
Timetra-Default-Action = permit-all,
Timetra-Cmd = "tools;telnet;configure system security",
Timetra-Action = deny
ruser2 Auth-Type := System, Password == "ruser2"
Service-Type = Login-User,
Idle-Timeout = 600,
Timetra-Access = ftp
Timetra-Default-Action = deny-all,
Timetra-Cmd = "configure",
Timetra-Cmd = "show",
Timetra-Action = permit,
Timetra-Cmd = "debug",
Timetra-Action = permit,