3Com WX2200 3CRWX220095A Switch User Manual

Key and Certificate Configuration Scenarios 427
Creating Self-Signed Certificates 427
Installing CA-Signed Certificates from PKCS #12 Object Files 429
Installing CA-Signed Certificates Using a PKCS #10 Object File (CSR) and a
PKCS #7 Object File 431
About AAA for Network Users 433
Authentication 433
Authorization 438
Accounting 440
Summary of AAA Features 440
AAA Tools for Network Users 441
“Globs” and Groups for Network User Classification 442
AAA Methods for IEEE 802.1X and Web Network Access 442
IEEE 802.1X Extensible Authentication Protocol Types 446
Ways a WX Switch Can Use EAP 447
Effects of Authentication Type on Encryption Method 448
Configuring 802.1X Authentication 449
Configuring EAP Offload 449
Using Pass-Through 450
Authenticating via a Local Database 450
Binding User Authentication to Machine Authentication 451
Configuring Authentication and Authorization by MAC Address 456
Adding and Clearing MAC Users and User Groups Locally 456
Configuring MAC Authentication and Authorization 457
Changing the MAC Authorization Password for RADIUS 459
Configuring Web Portal WebAAA 460
How WebAAA Portal Works 460
WebAAA Requirements and Recommendations 462
Configuring Web Portal WebAAA 467
Using a Custom Login Page 471
Using Dynamic Fields in WebAAA Redirect URLs 475
Using an ACL Other Than portalacl 476
Configuring the Web Portal WebAAA Session Timeout Period 477
Configuring the Web Portal Logout Function 478
Configuring Last-Resort Access 479