Filter
Top Products
Configure Employee Access Services 63
Configure Attributes on the RADIUS Server To authenticate users,
you will need to configure users either in the local database or on RADIUS
servers. To configure services for Employee access, the following items
should be configured on the RADIUS server.
To configure the RADIUS server:
1 Configure RADIUS server to perform 802.1X using the recommended
EAP method PEAP + MS ChapV2.
2 Setup each WX switch as a RADIUS client.
3 Define any desired 3Com vendor-specific attributes (VSAs) in the RADIUS
server’s dictionary.
The vendor-specific attributes (VSAs) created by 3Com are embedded
according to the procedure recommended in RFC 2865, with Vendor-ID
set to 14525. Table 10 describes the 3Com VSAs, listed in order by
vendor type number.
Table 10 3Com VSAs
Attribute
Type,
Vendor
ID,
Vendor
Type
Rcv in
Access
Resp?
Sent in
Access
Reqst?
Sent in
Acct
Reqst? Description
VLAN-Name 26,
43,
2
Yes No Yes Name of the VLAN to which the client belongs.
Mobility-Profile 26,
43,
3
Yes No No Name of the Mobility Profile used by the authorized
client.
Encryption-Type 26,
43,
4
Yes No No Type of encryption used to authenticate the client.
Time-Of-Day 26,
43,
5
Yes No No Day(s) and time(s) during which a user can log into
the network.
SSID 26,
43,
6
Yes No Yes Name of the SSID you want the user to use. The
SSID must be configured in a service profile, and the
service profile must be used by a radio profile
assigned to 3Com radios in the Mobility Domain.