Table of Contents

Symbols
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z

Index

Symbols

$MGMTPORTNO     9-5

$SSLPORTNO     9-5

$ subattributes     C-13

$ variables, in start scripts     9-5

A

AAA

See RADIUS

aaa.properties file     5-6, C-19, D-1, D-4

aaa.xml     D-1, D-2

aaaFilename attribute     D-4

AAA MBean     5-10

access accept messages     C-13

access control lists

See ACLs

access reject messages     13-9

Account-Info, Demo mode     C-13

accounting

RADIUS     C-1, C-16

solutions     C-16

ACLs     10-12

Advanced Firewall page     10-16, 10-22

established keyword in     10-20

format in CDAT     10-26

generated     10-19

My Firewall page     10-19, 10-21

numbers     10-23, 10-26, 10-27

priorities     10-23

RADIUS profiles     C-9, C-15

restrictions     10-26

viewing in CDAT     10-19

addDimension call     5-14

addHandler     4-2

addListener     4-6, 4-7

Add Services option     2-14

AddWebApplication     4-5

administrative firewalls     10-25

Advanced Firewall page     10-16

advertisingCaptivateDuration attribute     11-12, 11-18

advertisingCaptivateOn attribute     11-11, 11-24

advertisingCaptivatePort attribute     11-12

advertisingCaptivateURL attribute     11-11

advertising redirection

configuring     2-17, 11-11, 11-15, 11-22

duration     2-17

hobbies     11-8, 11-16

HTTP query parameters     11-3

port     2-17

profile attributes     C-12

Agent View

accessing     3-4, 3-6

description     3-3, 3-4

links on CDAT main window     2-19, 3-7

URLs     3-6

using     3-8

AllApplicationsDescriptions attribute     5-13

Allow Clear Text Passwords     B-3

allowedClients attribute     7-6, D-5

AllProtocolDescriptions attribute     5-12

alternative configurations, captive portal     11-5

alwaysGetAllAttributes attribute     8-2

apidoc     2-20

APIs

SESM     5-19

APN     C-11

append attribute     4-3, 4-5

application.home     4-4, 4-5, 5-3, 9-5

application.log     4-5, 5-3, 13-4

application.portno     9-5

application.ssl.portno     9-5

applications

startup scripts     9-3

stopping     9-6

applications list, on firewall pages     5-11, 5-13, 10-17, 10-18

Apply button, AgentView     3-11

attributes, arbitrary

configuring     10-10

demonstrating     10-11

description     10-5, 10-9

URL     10-11

attributes, configuration

changing values     3-2

persisting changes     3-11

attributes, RADIUS

defining new     7-4, C-3, C-5, D-2, D-4

defining new in RDP     7-4

dictionary     C-2

predefined     C-3

authAttributes attribute     7-5

authentication

multikey     7-5, 10-28

NDS     B-3

RDP     7-8

setting RADIUS port     C-1

type     C-7

AuthInfo attribute     3-5

autoConnect attribute     5-5

automatic connections

configuring     10-1, C-12

description     10-1

disconnecting     10-3

RADIUS configuration example     C-15

RDP     5-5

self-care, LDAP mode     10-3

status     10-2

troubleshooting     10-2

autopolicing     10-28

B

blocked services     C-14

branding     5-9, 10-4

BUNDLE_LENGTH attribute     5-8, 5-9, 12-2

bundled RADIUS server     D-1

burst rates     C-8, C-13

C

cacheExpireInterval     8-3

cacheMinFreeMem     8-2

cacheObjectTimeout     8-3

cacheSessionTimeout     8-3

caching

cache size     8-2

directory data     8-2

memory usage     8-2

profiles     5-5

RDP     10-3

SESM     5-5

SPE attributes     8-2

captiveportal.jetty.xml     3-14

captiveportal.xml     3-14, 11-10, 11-11, 11-24

Captive Portal application

alternatives     11-5

benefits     11-5

configuring     11-11

description     11-3

installing     2-15

IP address     2-15

ports     2-15

running secure mode     A-4

captiveportal MBean     11-11

captive portal solution

alternative configurations     11-5

configuration files     3-18

diagram     11-2

eliminating J2EE listeners     11-5

eliminating redirection types     11-5

example profiles     11-8

groups     11-19

installing     2-7, 11-6

NWSP role     11-4

required Cisco IOS releases     11-1

startup scripts     11-9

troubleshooting     11-23

CDAT

configuring     6-1

cookies     6-1

entering ACLs     10-26

installing     2-7, 2-19

links on main window     2-19, 6-3

logging in     6-3, 6-5

logging on     8-3

main window     3-6, 3-7

MBean     6-3

port number     2-19

session tuning     6-3

starting     9-3

stopping     9-6

timeouts     6-4

viewing generated ACLs     10-19

virtual memory     8-2

cdat.jetty.xml     4-2

cdat.xml     3-15, 6-1

certificates

keystore     A-2

SESM license     2-1

CHAP     C-7

Cisco Access Registrar     C-17

Cisco-AVpairs     C-9, C-15

Cisco IOS, required releases

captive portal features     11-1

complete ID     10-4

port-bundle host key     F-2

TCP redirect commands     11-7

Clear Text Passwords     B-3

clients

RADIUS server     12-5, C-1

RDP     2-14, 2-15

restricted for bundled RADIUS server     D-5

restricted for RDP     7-6

SSG subnets     2-9

Client subnet attribute     2-9

cn     2-12, 5-6, 6-3, B-2

comments, in MBeans     3-11

common name

See cn

complete ID     10-4, 10-5, 10-8

compressed images     2-2

concurrent services     C-7

config.xml     12-9

ConfigAgent     3-1, 3-16, 3-17, 5-19

configuration files

customizing     5-20

DTD     3-15

editing     3-14

MBean     3-1

names     3-14

path names in web.xml     13-8

See also J2EE; MBeans

confirmAtAccountLogoff attribute     5-14

confirmAtServiceLogoff attribute     5-14

confirmAtServiceLogon attribute     5-14

confirmMutexDisconnect attribute     5-5

connections

See automatic connections;services; directory

Connection MBean     8-3

connectionNameRoot attribute     8-2

console

installation mode     2-4

iPlanet     B-6

management     2-8, 3-5

NDS (ConsoleOne)     B-2, B-3

constructing MBeans     3-17

containers

directory     2-12, 8-2, 12-8

for port-bundle host key     4-1

Jetty     4-2

other than Jetty     4-2

See J2EE containers

WAR files     4-2

See also J2EE; Jetty server

content applications     11-4

context

attribute     8-2

directory     12-8

iPlanet and Sun ONE     B-4

NDS     B-1

path attribute     4-5

cookies     6-1, C-8

core model     2-7

CPDURATION query parameter     11-3, 11-18

CPSUBSCRIBER query parameter     11-3, 11-25

CPURL query parameter     11-3

CPU utilization     9-7

credentialMaxLength attribute     5-14

credentials attribute, SPE     8-3

customApplications attribute     5-12

custom installations     2-7

customizing applications     2-20

customProtocols attribute     5-12

D

debug attribute     4-4, 5-2

debugging     4-3, 5-2, 13-4

Debug MBean     4-4

debugPatterns attribute     4-4, 5-2

debugThreads attribute     5-3

debugVerbosity attribute     5-3

defaultDuration attribute     11-15, 11-18

default network     F-2

defaultPage attribute     11-15

defaultURI attribute     5-14, 11-17

defaultURL attribute     11-15

defineServiceRedirect attribute     11-12

demo data file     11-14

demoDataFile attribute     5-6

Demo mode

attributes     5-4

blocked services     C-14

data     5-6

installing     2-7

profiles     C-13

self-subscription     C-13

single sign-on     C-14

switching to     5-4

demos

arbitrary attributes     10-11

location awareness     10-8

deployer-imposed firewalls     10-12, 10-25

deployment modes, switching     2-7

DESS

configuration file     3-15

dessauth.xml     3-15, 6-1, 8-1

DESSMode MBean     5-6, 11-14

DESSPrincipal attribute, SPE     8-2

DESSusecasedata.ldf file     8-4

destination

service     C-7

URL     11-9

dictionary, RADIUS     C-2

direction attribute     5-13

directory

caching     8-2

configuring for SESM     B-1

connection information     2-11, 8-3

container     2-12, 8-2, 12-8

context     12-8

extending schema     2-19, 8-3

failover     8-3

installation results     2-20

IP address     2-11, 8-3, 12-8

logging activity     8-2

meta schema     2-12

organization     2-12, 12-8

password     2-11, 8-3

portal communication     12-9

ports     2-11, 8-3, 12-8

RDP communication     12-8

running during SESM install     1-6

sample data     8-4

user ID     2-11, 8-3, 12-8

Directory MBean     8-2

disconnecting autoconnect services     10-3

disconnectWhenUnsubscribe attribute     5-14

disk space     1-2

displayApplications attribute     5-13

distinguished name

See dn

dn     2-12, 5-6, 6-3

DNS     C-7

domain names     C-7

downloading SESM     2-2

DTD     3-15

dump attribute     7-5, D-4

duplicate locations     10-5, 10-6

duration

advertising redirection     2-17, 11-22

initial logon redirection     2-17

parameters     11-17

in Cisco IOS commands     11-22, 11-23

in HTTP requests     11-3

in RADIUS profiles     C-12

timing of     11-4

dynamic attribute definitions     C-5

dynamicAttributes attribute     7-4, D-4

E

edge session, SSG     C-11

editing configuration files     3-14

encryption     A-2

erp.xml     7-3, D-1, D-3

error redirections     2-16

errorURL attribute     11-13

established keyword, in ACLs     10-20

evaluation licenses     2-6

example

captive portal profiles     11-8

service group profiles     C-10

service profiles     C-9

subscriber profiles     C-15

examples

ACLs     10-21, 10-23

profiles     C-19

exceptions, out of memory     9-8, 13-9

executables

adding Windows services     9-7

installation     2-2

startup scripts     9-1

stop scripts     9-6

explicit IP address, SSG     5-9

extended access control lists     10-12

See also ACLs

extending directory schema     2-19, 8-3

F

factory attribute     8-2

failover, LDAP directory     8-3

features

configuring     10-1

filename attribute, in Log MBean     4-4

files

.iss     2-4

.properties     2-4

aaa.properties     5-6, C-19, D-1, D-4

aaa.xml     D-1, D-2

captiveportal.jetty.xml     3-14

captiveportal.xml     3-14, 11-10, 11-11, 11-24

cdat.jetty.xml     4-2

cdat.xml     3-15, 6-1

dessauth.xml     3-15, 6-1, 8-1

DESS configuration file     3-15

DESSusecasedata.ldf     8-4

erp.xml     7-3, D-1, D-3

installation image names     2-1, 2-2

installation results     2-20

J2EE configuration     3-18

keystore     A-2

lib.xml     6-1

licensenum.txt     2-6

MBean configuration     3-1

messageportal.xml     3-14, 11-13, 11-15

nwsp.jetty.xml     3-14, 4-2

nwsp.xml     3-14, 5-2, 11-16

pda.jetty.xml     3-14

pda.xml     3-14, 5-2

rdp.xml     3-14, 7-3

README.SESM.LDIF.html     2-20

ssgconfig.txt     11-7

startup scripts     9-3

wap.jetty.xml     3-14

wap.xml     3-14, 5-2

WAR     4-2

web.xml     2-20, 3-18

web.xml file     13-8

webdefault.xml     3-18

webdefaults.xml     3-18

web-jetty.xml     2-20, 3-19, 4-2

xmlconfig.dtd     3-15

See also logs

Firewall MBean     5-11

firewalls

administrative     10-25

Advanced Firewall page     10-16

applications list     5-11, 5-12, 5-13, 10-17, 10-18

configuring     10-18

deployer-imposed     10-12, 10-25

description     10-12

established keyword     10-20

generated ACLs     10-19

My Firewall page     10-14

priorities     10-13

protocols     5-11, 5-12

subscriber experiences     10-25

viewing ACLs in CDAT     10-19

See also ACLs

frames     C-8, C-12

frequency, in advertisement redirections     11-22, C-12

full name, in service profiles     C-8

G

generated ACLs     10-19

generic start script     9-4, A-3

global attributes, SSG     5-7, 5-16

greetings page

See initial logon redirection

group password

See service groups

groupPassword attribute     7-5

groups

captive portal     11-5, 11-7, 11-19

GUI installation mode     2-3

H

handler attribute     7-5, D-4

handlers

port-bundle host key     4-2

RDP     7-1, 7-8

hardware platforms     1-1

hierarchical policing     10-28, C-8, C-13

hobbies, captive portal advertisement     11-8, 11-14, 11-16

home

application     9-5

JDK     1-4

jetty     9-5

home page, URLs     C-12

host attribute     11-11

HTML Adaptor server     3-3, 3-5

HTML frames     C-8, C-12

HTTP

configuring listener port     2-8

errors     13-4

mode, removing     A-3

processing requests     11-2

redirections     2-16, 11-3

request log     13-4

SocketListener     4-6, 4-7

Version 1.1     11-25

HTTPS

description     A-2

keystore     4-7

keystore file     A-2

running secure-only mode     A-3

HttpServer MBean     4-5

I

idle timeout

services     C-7

sessions     C-11

ignoreProfile attribute     11-15

images

downloading installation     2-2

referenced in JSPs     5-20

inacls     10-16, 10-22

inetorgPerson attribute     2-12

initialCaptivateDuration attribute     11-12, 11-18

initialCaptivateOn attribute     11-11, 11-24

initialCaptivatePort attribute     11-12

initialCaptivateURL attribute     11-11

initializing MBeans     3-17

initial logon redirection

configuring     2-17, 11-11, 11-15, 11-22

duration     2-17

HTTP query parameters     11-3

port     2-17

profile attributes     C-12

initial URL     10-11

installing

captive portal solution     2-7, 2-15, 11-6

CDAT     2-7, 2-19

custom     2-7

Demo mode     2-7

directory     2-6

image for     2-1

individual components     2-7

iPlanet     B-4

JDK     1-5

JRE     1-3

license     2-6

logging during     2-5

Message Portal application     2-15

modes     2-3

NDS     B-1

NWSP     2-8

PDA     2-8

portal applications     2-7

prerequisites     1-1

RDP     2-7, 2-13

results     2-20, 11-6

SESM components     2-7

SPE     2-7

Sun ONE     B-4

temporary disk space for     1-2

typical     2-7

WAP     2-8

WSG     2-7

interestPages attribute     11-16

interests attribute     11-14, 11-16

Internet service, initial URL     10-11

IP addresses

Captive Portal application     2-15

directory     2-11, 8-3, 12-8

load balancing     E-1

location awareness     10-4

RADIUS server     2-10, 2-14, 12-4, 12-5

RDP     2-13, 12-7

RDP clients     2-15

SSG     2-9, 12-2, 12-3, F-3

troubleshooting RADIUS server     13-9

IP attribute     5-9

iPlanet

Console     B-6

dn     2-12, 5-6, 6-3

installing     B-1, B-4

password     2-11

tree and context     B-4

uid     2-11, 2-12

iss file     2-4

J

J2EE containers     3-1, 4-1, 13-9

J2EE listeners, eliminating     11-5

Jasper JSP framework     2-20

Java

memory usage     13-9

memory use     5-5, 9-8

security     A-1

virtual memory     8-2, 9-8

javadoc     2-20

Java Management Extensions

See JMX

Java Secure Sockets Extension     A-2

Java system properties

See system properties

JAXP XML parser, installing     2-20

JDK

installing     1-5

locating     1-4, 13-6

messages at startup     13-7

preinstalled     13-7

SESM startup scripts     1-4

specifying location     1-4

JDK_HOME     1-4, 1-5, 9-4

jetty.home     4-5, 4-7, 9-5

jetty.log     4-4, 13-4

Jetty server

certificates     A-2

configuring     4-2

installing     2-7

log files     13-4

port-bundle host key     4-1, 4-2

starting     9-1

stopping     9-6

troubleshooting     13-4, 13-9

See also J2EE containers

JIT relocation message     13-7

JMX

description     3-1

HTML Adaptor server     3-5

installing framework     2-20

path     2-20

server     3-1, 3-3, 5-19

JRE

installing     1-3

locating     1-4, 13-6

messages at startup     13-7

preinstalled     13-7

SESM startup scripts     1-4

specifications     1-3

specifying location     1-4

JSPs

description     5-19

framework path     2-20

installing framework     2-20

precompiling     2-20

recompiling     1-5

recompiling after changing     13-7

JSSE     A-2

JVM

arguments     9-8

location     1-4, 9-4

RDP     9-9

jvm arguments

changing     13-9

K

KeyPassword attribute     4-7

keys, next hop gateway     C-8, C-16

keystore     4-7, A-2

Keystore attribute     4-7

keytool facility     A-2

L

LDAP directory

See directory

LDAP mode

communication attributes summary     12-6

setting     5-4

lib.xml     6-1

license

obtaining number     2-1, 2-6

types, for installation     2-6

licensenum.txt file     2-6, 2-20

links, on CDAT main window     2-19

links attribute     6-3

Linux

stopping applications     9-6

supported platforms     1-1

well-known locations for JRE     13-6

load balancing     E-1

configuring with SSG     E-1

port-bundle host key     E-2

SESM IP address for     E-1

stickiness     E-2

loads, SSG tuning     5-8

LOCAL attribute     7-2

locale     10-4

LOCAL mode, RDP     7-2

localPort attribute     7-6, D-5

LOCATION attribute     10-5

location awareness

compared to locale     10-4

complete ID     10-4, 10-5, 10-8

configuring     5-15, 10-4

demonstrating     10-8

description     10-3

duplicates     10-6

images     10-5

IP subnets     10-4

location names     10-5

nested     10-6

overlapping     10-6

parameters     5-9

URLs     10-11

user shape     10-5

Location MBean     5-15, 10-4

locations attribute     5-15

locationService attribute     5-15

logDateFormat attribute     4-3, 5-3

logFile attribute     5-3

logFrame attribute     5-3

Logger MBean     5-2

logging off

portal applications     5-14

with automatic connections     10-3

logging on

to AgentView     6-4

to CDAT     6-3, 6-5, 8-3

to portal applications     9-5

to services     11-8, 11-11, 11-17

with automatic connections     10-2

logLabels attribute     4-3

Log MBean     4-3

logOneLine attribute     4-3

logs

application.home     4-4, 9-5

application.log     5-3, 13-4

configuring     4-3, 5-2

directory activity     8-2

file names     13-4

filenames     4-4, 5-3

installation activity     2-5

jetty.home     9-5

jetty.log     4-4, 13-4

Jetty server activity     4-3

portal activity     5-2

RDP console     7-5

request.log     4-5, 13-4

turning off     5-2

logStack attribute     5-3

logStackSize attribute     4-3

logStackTrace attribute     4-3

logTags attribute     4-3

logThread attribute     5-3

logTimeStamps attribute     4-3

logTimezone attribute     4-3

logToErr attribute     5-3

M

MainServlet MBean     6-2

management.portno     9-5

management console

configuring     3-5

port     2-8, 3-5, 9-4

removing     3-5

starting     3-5

See also HTML Adaptor server

ManagementConsole MBean     3-5, 5-3

mapping SSGs to clients     5-7, 5-18

MASK attribute     5-7, 5-9

masks     2-9, 5-19

MaxIdleTimeMs attribute     4-7

maxIdleTimeMs attribute     4-6

maximum length, usernames and passwords     5-14

maximum transmission unit     C-8

maxReadTimeMs attribute     4-6

MaxThreads attribute     4-7

maxThreads attribute     4-6, 7-6, D-5

maxVariables attribute     6-4

MBeans

AAA     5-10

captiveportal     11-11

CDAT     6-3, 7-3, 11-10, 11-13, D-2

changing     3-1

changing attribute values     3-2

comments in     3-11

ConfigAgent     3-17

Connection     8-3

constructing and initializing     3-17

Debug     4-2, 4-4

description     3-2, 3-17

DESSMode     5-6, 11-14

Directory     8-1, 8-2

Firewall     5-11

Jetty     4-2

Location     5-15, 10-4

Log     4-2, 4-3

Logger     5-2, 7-3, 11-10, 11-13, D-2

MainServlet     6-2

ManagementConsole     5-3, 7-3, 11-10, 11-13, D-2

messageportal     11-15

property tags in     3-11

RADIUSDictionary     7-4

RDP     7-4

read-only attributes     3-2

read-write attributes     3-2

Server     4-5

SESM     5-4, 11-14

SESMDemoMode     5-6, 11-14

SESMSocketListener     4-6

SESMSSLListener     4-7

SSG     5-7, 10-4

WebApp     5-13, 11-16

MBean View     3-4, 3-9

memory

argument in startup script     9-8

directory cache     8-2

exceptions     9-8, 13-9

portal applications     5-5, 9-8

RDP     9-9

requirements summary     1-2

reserved     9-8

setting java virtual memory     9-8

SSG     5-5, 7-2

use     5-5, 9-8

memRequired attribute     5-5

message duration

See duration

messageportal.host     11-11

messageportal.jetty.xml     3-14

messageportal.port     11-11

messageportal.xml     3-14, 11-13, 11-15

Message Portal application

configuring     11-15

description     11-4

installing     2-15

ports     2-16

running in secure mode only     A-4

timing of durations     11-4

messageportal MBean     11-15

messageRedirectDurationParam attribute     11-13

messageRedirectSubscriberParam attribute     11-13, 11-25

messageRedirectURLParam attribute     11-13

messages

at startup     13-7

meta schema, directory     2-12

Microsoft Windows

adding and removing services     9-7

platform specifications     1-1

stopping applications     9-7

minimum length, usernames and passwords     5-14

MinThreads attribute     4-7

minThreads attribute     4-6, 7-5, D-4

missing files     13-8

mode

argument to startup scripts     9-2

attribute     5-4

concurrent service     C-7

configuration setting     5-4

console installation     2-4

GUI installation     2-3

installation     2-3

RDP     7-2

running secure-only mode     A-3

sequential service     C-7

silent installation     2-4

switching deployment     2-7, 5-4

system property     5-4

modes

RDP     7-2

secure     A-3

monitoring applications     3-2, 3-12

MSISDN     C-11

MTU, PPP     C-8

multikey authentication     7-5, 10-28

mutually exclusive service groups     5-5, C-10

My Firewall page     5-11, 10-14

N

naming attribute     2-12, 6-3

NAS     C-1, C-2, C-11

NDS

Allow Clear Text Passwords     B-3

authenticating     B-3

container cn     2-12

directory cn     2-11

directory dn     2-12, 5-6, 6-3

directory password     2-11

installing     B-1

tree and context     B-1

nested locations     10-6

next hop

gateway     C-8, C-16

password     2-13, 7-5, 12-4

nextHopPassword attribute     7-5

noSubscribePermissionURI attribute     5-14, 11-17

Novell eDirectory

See NDS

NWSP

installing     2-7

port     2-8

role in captive portal solution     11-4

starting     9-1

virtual memory     8-2

nwsp.jetty.xml     3-14, 4-2

nwsp.xml     3-14, 5-2, 11-16

O

organization, LDAP directory     2-12, 12-8

original subscriber URL

See URLs

outacls     10-16, 10-22

out of memory exception     13-9

out of memory exceptions     9-8

overlapping locations     10-6

P

PAP     C-7

parent account, Demo mode     C-14

passthrough services     C-7

passwordMaxLength attribute     5-14

passwordMinLength attribute     5-14

passwords

Allow Clear Text Passwords     B-3

attributes for RDP     12-7

directory     2-11, 8-3

directory container     2-12

keystore     4-7

length     5-14

next hop     2-13, 7-5

service     2-10, 2-13, 5-10, 7-5, 12-4, 12-5, 13-9

service group     2-10, 2-13, 7-5

path names, of configuration files     13-8

PDA

application port     2-8

installing     2-7

pda.jetty.xml     3-14

pda.xml     3-14, 5-2

permissions

Demo mode     C-13

LDAP directory     2-11, 2-12

required for installation     2-3, 13-8

persisting attribute changes     3-11

personal firewalls     10-12

platforms, hardware     1-1

policies, mapping SSG to clients     5-7

poolSize attribute     8-3

PORT_BUNDLE_HOST_KEY_SWITCH attribute     5-8

portals

configuring     2-8, 5-1

CPU utilization     9-7

defined as NAS client     C-2

directory communication     12-9

J2EE containers     4-1

logging on     9-5

memory requirements     9-7

names     5-20, 9-3

ports     2-8

RADIUS communication     2-10, 12-5

running in secure mode     A-3

SSG communication     2-9, 12-2

starting     9-3

stopping     9-6

timeouts     5-8

troubleshooting     13-1

PORT attribute     5-7, 5-9, 12-2

PortBundleHandler     4-2

port-bundle host key

bundle length     5-8, 12-2, 12-3

Cisco IOS release     F-2

configuring     4-2, F-2

description     4-1, 5-16

IP addresses     F-3

Jetty     4-1

Jetty server     4-2

load balancing     E-2

location awareness     10-4

port bundles     2-9, 5-18

port-lists     11-19

port-map     F-3

ports

accounting     C-1

advertising redirection     2-17

application.portno     9-5

application.ssl.portno     9-5

authentication     C-1

Captive Portal application     2-15

CDAT     2-19

directory     2-11, 8-3, 12-8

initial logon redirection     2-17

Jetty listener     4-6

management.portno     9-5

management console     2-8, 3-5, 9-4, 9-5

Message Portal application     2-16

portal applications     2-8, 9-3, 9-5

RADIUS server     2-10, 2-14, 5-10, 7-7, 12-4

RDP     2-13, 12-7

service redirection     2-18

SSG     2-9, 5-7, 5-9, 12-2, 13-8

SSL     2-8, 4-7, 9-4, 9-5, A-3

startup scripts     9-3

troubleshooting     13-9, 13-10

unauthenticated user redirection     2-16

PPP

connections     11-20

maximum transmission unit     C-8

single sign-on     5-4

subscriber profiles     C-12

precompiling JSPs     2-20

predefined attributes     C-3

prepaidRedirectionURL attribute     5-14, 11-16

primaryIP attribute     5-10, 7-7

primaryPort attribute     5-10, 7-7

principal attribute, SPE     8-3

printTraceToConsole, DESS     8-2

priorities, firewalls     10-13

privileges

See permissions

profileCachePeriod attribute     5-5

profiles

ACLs     C-9, C-15

caching     5-5

defining new attributes     C-5

examples     C-9, C-10, C-15, C-19

for Demo mode     C-13

next hop gateway     C-16

PPP subscribers     C-12

service     C-6

service group     5-10, C-10

subscriber     C-11

properties files     2-4

See also system properties; aaa.properties file

Property tag, in XML files     3-11, 3-17

protocols

CHAP     C-7

handlers, RDP     7-8

on firewall pages     5-11, 10-17

PAP     C-7

proxy

RDP mode     2-14, 7-2, 12-9

service type     C-7

Proxy mode, RDP     7-2

Q

quality of service     10-28, C-8, C-13

queryMaxResults attribute     6-4

query parameters, HTTP redirections     11-3

queryTimeout attribute     6-4

R

RADIUS

$ subattributes     C-13

AAA MBean     5-10

access accept messages     C-13

attributes     7-4

clients     12-5, C-1

dictionary     7-4, C-2

mode     5-4, 12-3

password     F-2

predefined attributes     C-3

primary server     2-10, 2-14

requirements for SESM installation     1-5

secondary server     2-10, 2-14, 12-5

RADIUS Data Proxy

See RDP

RADIUSDictionary MBean     7-4

RADIUS server

accounting port     C-1, C-16

authentication port     C-1

bundled SESM     D-1

installing bundled     2-7

portal communication     2-10, 2-14, 12-5, 13-9

RDP communication     12-10

SSG communication     12-4, 13-9

troubleshooting     13-9

See also ports

radius-server parameter     13-10

RADIUS shared secret

configuring on RADIUS server     C-2

with portals     2-10

with RDP     2-14

with SSG     2-9

RAM     1-2, 9-8, 9-9

RBAC     2-19, 8-3

RDP

adding clients     2-14, 7-6

Add Services option     2-14, 7-2

authentication     7-8

automatic connections     5-5, 7-2, 10-2

caching     10-3

client IP addresses     2-15

console messages     7-5

defining new attributes     7-4

directory communication     12-8

handlers     7-1, 7-5

installing     2-7, 2-13

IP address     2-13, 12-7

listeners     7-1

LOCAL mode     7-2

memory requirements     9-9

modes     7-2

next hop password     2-13, 7-5

port     2-13, 12-7

protocol handlers     7-8

RADIUS communication     2-14, 12-10

restricted client feature     2-13, 2-14, 7-6, D-5

service password     2-13, 12-7

shared secret     2-13, 2-14, 2-15

SSG communication     2-13, 12-7

starting     9-2

stopping     9-6

troubleshooting     13-3

virtual memory     8-2

See also Proxy mode; RDP

rdp.xml     3-14, 7-3

RDP MBean     7-4

README.SESM.LDIF.html file     2-20

read-only attributes, in MBeans     3-2

read-write attributes, in MBeans     3-2

recompiling JSPs     1-5, 13-7

redirectOn attribute     11-15

refresh interval     3-2

registering MBeans     3-17

releases

See Cisco IOS

Reload button     3-10

reload interval     3-10

remote management tool     3-3

See also Agent View

request.log     4-5, 13-4

reserved memory     9-8

restricted client feature

See RDP

retainDays attribute     4-4, 4-5

RETRIES attribute     5-7

retryCount attribute     5-10, 7-7

returnOption attribute     5-13

roles, loading     2-19

S

sample LDAP data     8-4

schema, extending     2-19, 8-3

secondaryIP attribute     5-10, 7-7

secondaryPort attribute     5-10, 7-7

SECRET attribute     5-7, 5-9, 12-2

secret attribute     5-10, 7-6, 7-7

secure socket listener

See SSL

security     A-1

self-subscription, Demo mode     C-13

sequential service mode     C-7

Server MBean     4-5

servers

See Jetty Server; J2EE; JMX; RADIUS Server

service

connection     5-14

cookies     C-8

destinations     C-7

groups

in service profiles     C-12

mutually exclusive     5-5, C-10

password     2-10, 2-13, 5-10, 7-5, 12-5

profiles     C-10

idle timeout     C-7

logons     11-8, 11-11, 11-17

names     2-18, C-12

next hop gateway     C-8

object, SSG     C-7

passthrough     C-7

password     7-5

proxy     C-7

query parameter in HTTP redirection     11-3

routes     11-24

status     10-2

timeouts     C-7

tunnel     C-7

types     C-10

URL     11-3

See also automatic connections; profiles

service group name, Demo mode     C-13

serviceGroup Password attribute     5-10

serviceLogonURI attribute     5-14, 11-17

serviceNotGivenURI attribute     2-18, 5-14, 11-4, 11-16

servicePassword attribute     5-10, 7-5

serviceportal.host     11-11

serviceportal.host system property     2-16

serviceportal.port     2-16, 11-11

service proxy     C-7

serviceRedirectDefaultURL attribute     11-9, 11-12

service redirection

configuring     2-18, 11-11, 11-20

content application for     2-16

HTTP query parameters     11-3

logon pages     11-8

ports     2-18

service names     2-18

service routes     11-24

shared address space     11-21

URL     11-12

serviceRedirectOn attribute     11-11, 11-24

serviceRedirectServiceParam attribute     11-13

serviceRedirectSubscriberParam attribute     11-13, 11-25

serviceRedirectURLParam attribute     11-13

serviceStartURI attribute     5-14, 11-17

serviceSubscriptionURI attribute     5-14, 11-17

serviceURL query parameter     11-3

sesm.mode     5-4

SESMDemoMode MBean     5-6, 11-14

SESM MBean     5-4, 11-14

SESMSession object     10-5

SESMSocketListener MBean     4-6

SESMSSLListener MBean     4-7

SESSION_BRAND     5-9

SESSION_LOCATION     5-9

sessionCachePeriod attribute     5-5

sessionTimeOut attribute     5-14

sessionTimeout attribute     6-3

session timeouts     C-11

setSubnetAttribute call     5-9

setup type     2-7

shared address spaces, service redirection     11-21

shared secret

configuring on RADIUS     C-2

description     12-3

RADIUS and portals     2-10, 5-10, 7-7, 12-5, 13-9

RADIUS and SSG     2-9, 5-7, 12-2, 12-4, F-2

RDP and RADIUS     2-14

RDP and SSG     2-13, 2-15, 12-7

SSG and portals     13-8

troubleshooting     13-10

silent installation mode     2-4

single sign-on     5-4, 10-3, C-14

singleSignOn attribute     5-4

SMTP redirection     C-13

Solaris

patches     1-3

platform specifications     1-1

stopping applications     9-6

well-known locations for JRE     13-6

source ip command     F-3

space requirements     1-2

SPE

caching     8-2

configuration file     8-1

installing     2-7

virtual memory     8-2

specifications

disk space     1-2

Java     1-3

RAM     1-2, 9-8, 9-9

SSG

clients to RDP     2-15

complete ID     10-4, 10-5, 10-8

configuring     2-9, 5-16, F-1

defining as NAS client     C-2

duration parameters     11-18

edge session     C-11

explicit IP address     5-9

global attributes     5-7, 5-16

IP address     2-9, 12-2, 12-3, F-3

load balancing     E-1

mapping clients     5-16

mapping policies     5-7

mapping subnets     2-9, 5-18

MBean     5-7, 10-4

memory     5-5, 7-2

port     12-2, 12-3

portal communication     2-9, 12-2

port-map     F-3

RADIUS server communication     12-4, 13-9

RADIUS server ports     2-9, C-1

RDP communication     2-13, 12-7

releases      10-4, 11-7, F-2

requirements during SESM installation     1-5

service object     C-7

shared secret     2-9, 2-13, F-1

subnet attributes     5-9, 5-16

tuning SESM loads     5-8

See also TCP redirections; port-bundle host key

ssgconfig.txt     11-7, 11-8

SSGIPPolicyClass     5-7

SSL     2-8, 4-7, 9-4

certificates     A-2

port number     9-5

running secure-only mode     A-3

stackTrace, DESS     8-2

starting

bundled RADIUS server     D-2

CDAT     9-3

error messages     13-7

Jetty server     9-1

portals     9-1

RDP     9-2

startup scripts

application names in     5-20, 9-3

application-specific     9-3

captive portal     11-9

customizing     5-20

description     9-3

failure     13-4

generic     9-4

HTTPS mode     A-3

Java system properties     3-18, 9-4, 9-5

JDK_HOME     1-4, 9-4

JDK reference     1-4, 1-5

JRE reference     1-4

jvm arguments     9-8, 13-9

memory     9-8, 9-9

mode argument     9-2

port references     9-3

status, of services     10-2

stickiness     E-2

stopping SESM processes     9-6

Store button     3-11

subinterface, in location awareness     10-4

subnet attributes, SSG     2-9, 5-9, 5-16

subscriber name     11-3

subscriber profiles

See profiles

Sun ONE

dn     2-12

installing     B-1, B-4

password     2-11

tree and context     B-4

uid     2-11, 2-12

Sun Solaris

See Solaris

support, technical     2-6

suppressStack attribute     4-4

suppressWarnings attribute     4-4

system properties     3-17, 9-4, 9-5

SystemProperty tag, in XML files     3-11, 3-17

T

tar files     2-2

TCP redirections

configuring     11-7

eliminating types     11-5

SMTP forwarding     C-13

types     11-3

See also advertising redirection; initial logon redirection; service redirection; unauthenticated user redirection

technical support     2-6

Telnet interface     F-3

temporary disk space     1-2

This     10-22

THROTTLE attribute     5-8

throttle attribute     5-10, 7-6

timeOut attribute     5-10, 7-6

timeouts

CDAT     6-4

portals     5-8

service     C-7

service profile     C-7

session     C-11

TIMEOUTSECS attribute     5-7

tokenCheckInterval attribute     5-6

tokenMaxAge attribute     5-6

tools directory     2-20

trace attribute     5-3

traceFileName, DESS     8-2

traceLevel, DESS     8-2

tree, LDAP directory     12-8, B-1, B-4

troubleshooting

automatic connections     10-2

captive portal solution     11-23

CDAT     6-1

configuration file location     13-8

diagnostic procedures     13-1

JRE location     13-6

RDP     13-3

SESM portal applications     13-1, 13-8

web server     13-9

tuning CDAT sessions     6-3

tunnel services     C-7, C-9

typical installation     2-7

U

uid     2-12, 5-6, 6-3, B-4

unauthenticated user redirection

configuring     2-16, 11-11, 11-20

HTTP query parameters     11-3

port     2-16

unavailable web server     13-9

unconnected service redirection

See service redirection

Undo button     3-11

uninstalling SESM     1-6, 2-20

unique identifier     2-12, 5-6, 6-3

Unregister button     3-10

URL

initial     10-11

location-based     10-11

service redirection     11-12

unconnected service redirection     11-12

URLs

AgentView     3-6

attribute for LDAP server     8-3

destination, for service redirections     11-9

home page     C-12

service     C-8

subscriber's original

availability     11-6, 11-15

Captive Portal application     11-3, 11-5

duration before redirecting     11-17

Message Portal     11-4, 11-12, 11-15

parameter specifying     11-3, 11-13

user

groups, in Demo mode     C-13

ID, for directory     2-11, 8-3, 12-8

ID, for directory container     2-12, 8-2

shape     10-4, 10-5

username

full name in service profiles     C-8

length     5-14

query parameter in HTTP redirection     11-3

usernameMaxLength attribute     5-14

usernameMinLength attribute     5-14

userRedirectOn attribute     11-11, 11-24

userRedirectPort attribute     11-12

userRedirectURL attribute     11-11

userRedirectURLParam attribute     11-13

V

vendor-specific attributes

See VSAs

verbose attribute     4-4

virtual

host name     4-5

memory     8-2, 9-8, 9-9

private dial-up network (VPDN)     C-9

VPI, location awareness parameter     10-4

VSAs     C-2, C-3

W

WAP

application port     2-8

installing     2-7

wap.jetty.xml     3-14

wap.xml     3-14, 5-2

WAR files     4-2

warning

during installation     2-11

in log files     5-2

logging configuration attribute     5-3

web.xml     2-20, 3-18, 13-8

webapp directory     2-20

WebApp MBean     5-13, 11-16

web archive files

See WAR files

webdefault.xml     3-18

WEB-INF directory     2-20

web-jetty.xml file     2-20, 3-19, 4-2

web portals

See portals

Web Services Gateway     2-7

Windows

See Microsoft Windows

WSG     2-7

X

xmlconfig.dtd     3-15

XML files

See J2EE configuration files; files

X server     13-7

Z

zip files     2-2

Posted: Fri Oct 18 10:03:19 PDT 2002
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.