Filter
Top Products
DellPowerConnectW-SeriesArubaOS6.2 | User Guide AuthenticationServers | 168
Chapter 12
Authentication Servers
The ArubaOS software allows you to use an external authentication server or the controller internal user database to
authenticate clients who need to access the wireless network.
This chapter describes the following topics:
l "Understanding Authentication Server Best Practices and Exceptions" on page 168
l "Understanding Servers and Server Groups" on page 168
l "Configuring Servers" on page 169
l "Managing the Internal Database" on page 175
l "Configuring Server Groups" on page 177
l "Assigning Server Groups" on page 184
l "Configuring Authentication Timers" on page 187
Understanding Authentication Server Best Practices and Exceptions
l In order for an external authentication server to process requests from the Dell controller, you must configure the
server to recognize the controller. Refer to the vendor documentation for information on configuring the
authentication server.
l Instructions on how to configure Microsoft’s IAS and Active Directory can be viewed at:
Microsoft’s IAS
http://technet2.microsoft.com/windowsserver/en/technologies/ias.mspx
Active Directory
http://www.microsoft.com/en-us/server-cloud/windows-server/active-directory.aspx
Understanding Servers and Server Groups
ArubaOS supports the following external authentication servers:
l RADIUS (Remote Authentication Dial-In User Service)
l (Lightweight Directory Access Protocol)
l TACACS+ (Terminal Access controller Access Control System)
l Windows (For stateful NTLM authentication)
Additionally, you can use the controller’s internal database to authenticate users. You create entries in the database
for users and their passwords and default role.
You can create
groups
of servers for specific types of authentication. For example, you can specify one or more
RADIUS servers to be used for 802.1x authentication. The list of servers in a server group is an ordered list. This
means that the first server in the list is always used unless it is unavailable, in which case the next server in the list is
used. You can configure servers of different types in one group — for example, you can include the internal database
as a backup to a RADIUS server.