< Home

Settings

This section describes the basic configurations of SACG.

Enabling SACG

This function is successfully enabled only if the Agile Controller server is correctly configured.

  1. Choose Network > SACG > Settings.
  2. On the Configure SACG Basic Parameter page, select Enable of the SACG.

Enabling Status Detection

This function checks the status of the connection between the device and the Agile Controller server.

The status detection determines whether the number of connected Agile Controller servers is smaller than the minimum number of active servers. If yes, open the emergency channel to allocate all permissions to users; otherwise, disable the emergency channel to restore to original permissions.

The Minimum Number of Active Servers option takes effect only after the function is enabled.

  1. Choose Network > SACG > Settings.
  2. On the Configure Basic SACG Parameter page, select Enable of the Status Detection.

Setting the Minimum Number of Active Servers

It indicates the minimum number of the Agile Controller servers connecting to the device.

When the status detection function is enabled and the number of connected Agile Controller servers is smaller than the value, the device enables the emergency channel; otherwise, the device disables it.

This option takes effect only after the status detection function is enabled.

  1. Choose Network > SACG > Settings.
  2. On the Configure Basic SACG Parameter page, enter a value for Minimum Number of Active Servers.

Configuring the Function of Checking Third-Party Server Health Check

This function can check the number of active third-party servers.

In SACG scenarios, some account and password information is stored on the Agile Controller server, and some account and password information is stored on the third-party authentication server. When a user enters the account and password on the client to initiate an identity authentication request, if the account and password are stored on the Agile Controller server, the Agile Controller server authenticates the user. If the account and password are stored on the third-party authentication server, the AC-Campus will send the account information to the third-party server for authentication. The third-party server sends the authentication result to the AC-Campus. The AC-Campus authorizes the user based on the authentication result.

In the scenario where user authentication is done on the Agile Controller server, if the Service Controller detects that the number of active Agile Controller server is smaller than the configured smallest value, the emergency channel is enabled. The Service Controller cannot detect whether the third-party authentication server is active. If an exception occurs, user authentication cannot be done on the third-party authentication server. In this case, the FW acting as the SACG needs to check the health of the third-party authentication server. If the health status of the third-party authentication server is Down, the FW enables the emergency channel, ensuring service continuity. After the fault is rectified, the emergency channel is automatically disabled, and the original permission control for the user is restored.

  1. Choose Network > SACG > Settings.
  2. On the Configure Basic SACG Parameter page, enter a value for The Health Check of the Third-party Server.

Setting the Source IP Address Authentication

It indicates the source IP address for initiating the interworking between the device and Agile Controller server. The Agile Controller server determines routes according to this IP address.

  1. Choose Network > SACG > Settings.
  2. On the Configure Basic SACG Parameter page, enter an IP address for Source IP Address.

Enabling the Emergency Channel

If the emergency channel is enabled, all permissions are available to users; otherwise, users have only original permissions.

The Status Detection and The Health Check of the Third-party Server results determine whether the emergency channel is enabled:
  • The Status Detection function determines whether the number of connected Agile Controller servers is smaller than the minimum number of active servers. If yes, the device enables the emergency channel.
  • The Health Check of the Third-party Server checks the health status. If the health check state is DOWN, the device enables the emergency channel for non-stop services.

If the result of either detection is abnormal, the emergency channel is enabled. The emergency channel is disabled only when the results of both detections are normal.

Configuring the Agile Controller Server

By configuring the Agile Controller server, you can add the Agile Controller server interworking with the device, and configure the port and pre-shared key for mutual communication between the device and the Agile Controller server.

  1. Choose Network > SACG > Settings.
  2. On the Configure Basic SACG Parameter page, click the Authentication Server List tab.
  3. Click Add and set parameters.

    Parameter

    Description

    Server IP

    Indicates the IP address of a Agile Controller server.

    Server Port

    Indicates the port used for the communication between the device and Agile Controller server, which must be consistent with the port of the Agile Controller server.

    Shared Key

    Indicates the shared key used for the communication between the device and Agile Controller server, which must be consistent with the shared key of the Agile Controller server.

  4. Click OK.

Adding an Authenticated URL

After you configure an authenticated URL, the system can use it to push web pages.

  1. Choose Network > SACG > Settings.
  2. On the Configure Basic SACG Parameter page, click the URL Authentication List tab.
  3. Enter the URL who pushes the web page and click Add. The URL is displayed in the list.

Viewing SACG Statistics

SACG statistics comprise the number of online users, online and offline information, COPS packet information, and error request count.

  1. Choose Network > SACG > Settings.
  2. On the Configure Basic SACG Parameter page, click the SACG Statistics List tab to view SACG statistics.
  3. Click the link corresponding to Number of Online Users. The Monitor page is displayed. Then you can maintain online users.

Disconnecting Selected Online Users

  1. Choose Network > SACG > Settings.
  2. On the Configure Basic SACG Parameter page, click the SACG Statistics List tab to view SACG statistics.
  3. Click the link corresponding to Number of Online Users. The Monitor page is displayed.
  4. Select the check boxes of online users to be disconnected and click Disconnect. Selected online users are forcibly disconnected.

Disconnecting All Online Users

  1. Choose Network > SACG > Settings.
  2. On the Configure Basic SACG Parameter page, click the SACG Statistics List tab to view SACG statistics.
  3. Click the link corresponding to Number of Online Users. The Monitor page is displayed.
  4. Click Disconnect All. All online users (except privileged users) are forcibly disconnected.
Parent Topic: Configuring SACG Interworking Using the Web UI
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >