The following example displays a user-specific VSA configuration. This configuration shows attributes for users named "ruser1" and "ruser2".
The following example shows that user "ruser1" is granted console access. The "ruser1" home directory is in compact flash slot 3 and is limited to the home directory. The default action permits all packets when matching conditions are not met. The timetra-cmd parameters allow or deny the user to use the tools;telnet;configure system security commands. Matching strings specified in the timetra-action command are denied for this user since the timetra-action is deny.
The user "ruser2" is granted FTP access.The default action denies all packets when matching conditions are not met. The timetra-cmd parameters allow the user to use the configure, show, and debug commands. Matching strings specified in the timetra-action command are permitted for this user.
users.timetra
ruser1 Auth-Type := System, Password == "ruser1"
Service-Type = Login-User,
Idle-Timeout = 600,
Timetra-Access = console,
Timetra-Home-Directory = cf1:
Timetra-Restrict-To-Home = true
Timetra-Default-Action = permit-all,
Timetra-Cmd = "tools;telnet;configure system security",
Timetra-Action = deny
ruser2 Auth-Type := System, Password == "ruser2"
Service-Type = Login-User,
Idle-Timeout = 600,
Timetra-Access = ftp
Timetra-Default-Action = deny-all,
Timetra-Cmd = "configure",
Timetra-Cmd = "show",
Timetra-Action = permit,
Timetra-Cmd = "debug",
Timetra-Action = permit,