Dell 6.2 Server User Manual


 
In the WebUI
1. Navigate to the Configuration > Security > Authentication > AAA Profiles page.
2. Select the default profile or a user-defined AAA profile.
3. Click the Initial Role drop-down list, and select the desired user role for unauthenticated users.
4. Click the 802.1x Authentication Default Role drop-down list and select the desired user role for users who have
completed 802.1x authentication.
5. Click the MAC Authentication Default Role drop-down list and select the desired user role for clients who have
completed MAC authentication.
6. Click Apply.
In the CLI
(host)(config) #aaa profile <profile>
initial-role <role>
dot1x-default-role <role>
mac-default-role <role>
For additional information on creating AAA profiles, see "AAA Profile Parameters" on page 319.
Working with User-Derived VLANs
Attributes derived from the client’s association with an AP can be used to assign the client to a specific role or
VLAN, as user-derivation rules are executed before the client is authenticated.
You configure the user role or VLAN to be assigned to the client by specifying condition rules; when a condition is
met, the specified user role or VLAN is assigned to the client. You can specify more than one condition rule; the
order of rules is important as the first matching condition is applied. You can optionally add a description of the
user rule.
Table 82 describes the conditions for which you can specify a user role or VLAN.
Table 82: Conditions for a User-Derived Role or VLAN

| Rule Type | Condition | Value |
|---|---|---|
| BSSID: Assign client to a role or VLAN based upon the BSSID of AP to which client is associating. | One of the following: contains, ends with, equals, does not equal, starts with | MAC address (xx:xx:xx:xx:xx:xx) |
| DHCP-Option: Assign client to a role or VLAN based upon the DHCP signature ID. | One of the following: equals, starts with | DHCP signature ID. NOTE: This string is not case sensitive. |
| DHCP-Option-77: Assign client to a role or VLAN based upon the user class identifier returned by DHCP server. | equals | string |
| Encryption: Assign client to a role or VLAN based upon the encryption type used by the client. | One of the following: equals, does not equal | One of the following: Open (no encryption), WPA/WPA2 AES, WPA-TKIP (static or dynamic), Dynamic WEP, WPA/WPA2 AES PSK |
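The first-match ordering described above means a broad rule placed early can silently pre-empt a more specific rule below it. The following is an added example, not code from this manual or from ArubaOS: it models ordered rules with the Table 82 conditions and flags "equals" rules that can never fire. The rule-type keys, the sample rules, the role and VLAN names, and the fallback to the profile's initial role when nothing matches are assumptions made for illustration.

```python
# Added example (not from the manual): first-match evaluation of
# user-derivation rules and a check for rules that can never fire.
OPS = {
    "contains": lambda attr, v: v in attr,
    "ends with": lambda attr, v: attr.endswith(v),
    "equals": lambda attr, v: attr == v,
    "does not equal": lambda attr, v: attr != v,
    "starts with": lambda attr, v: attr.startswith(v),
}
CASE_INSENSITIVE = {"dhcp-option"}  # Table 82: signature ID is not case sensitive

def _norm(rule_type, text):
    return text.lower() if rule_type in CASE_INSENSITIVE else text

def matches(rule, client):
    rule_type, op, value, _assignment = rule
    attr = client.get(rule_type)
    if attr is None:  # client did not present this attribute
        return False
    return OPS[op](_norm(rule_type, attr), _norm(rule_type, value))

def derive(rules, client, fallback="initial-role"):
    """Return the assignment of the first matching rule; order decides."""
    for rule in rules:
        if matches(rule, client):
            return rule[3]
    return fallback  # assumption: no match leaves the profile's initial role

def shadowed(rules):
    """Indexes of 'equals' rules pre-empted by an earlier rule of the same type."""
    hits = []
    for i, (rule_type, op, value, _assignment) in enumerate(rules):
        if op == "equals" and any(
            matches(prev, {rule_type: value}) for prev in rules[:i]
        ):
            hits.append(i)
    return hits

# Constructed sample rules: (rule type, condition, value, assignment).
RULES = [
    ("bssid", "starts with", "02:00:5e", "role employee"),
    ("bssid", "equals", "02:00:5e:aa:bb:cc", "role quarantine"),  # unreachable
    ("dhcp-option", "starts with", "3C0103", "vlan 20"),
    ("encryption", "equals", "Open (no encryption)", "role guest"),
]

if __name__ == "__main__":
    print(derive(RULES, {"bssid": "02:00:5e:aa:bb:cc"}))
    print(shadowed(RULES))
```

Moving the specific BSSID rule above the prefix rule makes it reachable, which is the ordering to verify whenever a restrictive assignment sits below a broader match.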
Dell PowerConnect W-Series ArubaOS 6.2 | User Guide, Roles and Policies | 306