Filter
Top Products
298 CHAPTER 8: CONFIGURING AUTHENTICATION, AUTHORIZATION, AND ACCOUNTING PARAMETERS
Viewing and
Configuring
RADIUS Settings
Remote Authentication Dial-In User Service (RADIUS) is a client-server
security protocol that provides authentication, authorization, and
accounting for network users and devices. A RADIUS server stores user
profiles, which include usernames, passwords, and other user attributes.
After you have defined RADIUS servers, you define RADIUS server groups
(named sets of RADIUS servers). You must create at least one server
group.
RADIUS server groups can authenticate administrators and network
users. You can specify up to four RADIUS server groups for AAA services
in a 3Com Mobility System.
Although you can use the local database on the WX switch to
authenticate users, 3Com recommends using RADIUS to accommodate
the large number of users in an enterprise network.
For information about the RADIUS attributes supported by MSS, see the
Wireless LAN Switch and Controller Configuration Guide
url
(network access
mode only)
URL to which the user is
redirected after
successful WebAAA.
Web URL, in standard format. For
example:
http://www.example.com
You must include the http:// portion.
vlan-name
(network access
mode only)
Virtual LAN (VLAN)
assignment.
VLAN-Name is a 3Com
vendor-specific
attribute (VSA). The
vendor ID is 43, and the
vendor type is 1.
On some RADIUS
servers, you might need
to use the standard
RADIUS attribute
Tunnel-Pvt-Group-ID,
instead of VLAN-Name.
Name of a VLAN that you want the
user to use. The VLAN must be
configured on a WX switch within
the Mobility Domain to which this
WX switch belongs.
Table 22 Authentication Attributes for Local Users (continued)
Attribute Description Valid Value(s)