3Com 3CRWX440095A Webcam User Manual

Open as PDF

of 536

198 CHAPTER 7: AAA COMMANDS

You can configure a rule either for wireless access to an SSID, or for wired

access through a WX switch’s wired authentication port. If the rule is for

wireless access to an SSID, specify the SSID name or specify any to match

on all SSID names. If the rule is for wired access, specify wired instead of

an SSID name.

If you specify multiple authentication methods in the set authentication

last-resort command, MSS applies them in the order in which they

appear in the command, with these results:

 If the first method responds with pass or fail, the evaluation is final.

 If the first method does not respond, MSS tries the second method,

and so on.

However, if local appears first, followed by a RADIUS server group, MSS

overrides any failed searches in the local WX database and sends an

authentication request to the server group.

MSS uses a last-resort authentication rule under the following conditions:

 The client is not denied access by 802.1X or does not support 802.1X.

 The client’s MAC address does not match a MAC authentication rule.

 The fallthru method is last-resort. (For a wireless authentication rule,

the fallthru method is specified by the set service-profile

auth-fallthru command. For a wired authentication rule, the fallthru

method is specified by the auth-fall-thru option of the set port type

wired-auth command.)

For wireless access, MSS appends the requested SSID name to the user

name last-resort. For example, if the requested SSID is mycorp, MSS

attempts to authenticate the user last-resort-mycorp. If the RADIUS server

or local database used as the authentication method has the user

last-resort-mycorp, access is granted. Otherwise, access is denied.

If the SSID specified in the last-resort authentication rule is any, MSS

searches for user last-resort-any. The any in the username is not a

wildcard. The username must be last-resort-any, exactly as spelled here.

Examples — The following command configures a last-resort

authentication rule in the local WX database for SSID mycorp:

WX4400# set authentication last-resort ssid mycorp local

success: change accepted.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

3Com 3CRWX440095A Webcam User Manual