Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Verifying Integration with an IC Series Unified Access Control Appliance


    The user role-based policy feature depends on integration with a compatible IC Series appliance. After you have configured the IC Series appliance to communicate with the IDP Series device, you can use the IDP OS command-line interface (CLI) to verify connectivity and verify receipt of the user session data used in user role-based policies.

    If you encounter connectivity issues, you most likely need to troubleshoot from the IC Series side of the communication. From the IDP Series side, you need to ensure the IDP Series device can receive data from the IC Series appliance on port 7103 (that is, that your firewall does not block port 7103).


    To verify integration with an IC Series appliance:

    1. Log into the CLI as admin and enter su - to switch to root.
    2. Enter the following command to verify connectivity:

      [root@defaulthost admin]# scio user status
      IDP-IC Connectivity is...........[Up]
      User Session Table Lookup........[Enabled]
    3. Enter the following command to display the user session table:

      [root@defaulthost admin]# scio user list
      1. IP[] USER[test3]  ROLES(1)[test-users3]
      2. IP[] USER[test2]  ROLES(1)[test-users2]
      3. IP[] USER[test]  ROLES(1)[test-users]
      Total Matches Found (3)
      [root@defaulthost ~]#
    4. Enter the following command to display a counter of changes made to the user session table:

      [root@defaulthost admin]# scio user counters list all
                 | SUCCESS   | FAILURE   |
             Add |         3 |         0 |
          Delete |         0 |         0 |
          Lookup |         0 |         0 |

    Published: 2011-02-08