Filter
Top Products
D-Link DWS-1008 CLI Manual 196
Usage: You can configure different authentication methods for different groups of users by
“globbing.”
You can configure a rule either for wireless access to an SSID, or for wired access through a
switch’s wired authentication port. If the rule is for wireless access to an SSID, specify the SSID
name or specify any to match on all SSID names. If the rule is for wired access, specify wired
instead of an SSID name.
If you specify multiple authentication methods in the set authentication web command, MSS
applies them in the order in which they appear in the command, with these results:
• If the first method responds with pass or fail, the evaluation is final.
• If the first method does not respond, MSS tries the second method, and so on.
• However, if local appears first, followed by a RADIUS server group, MSS overrides any
failed searches in the local database and sends an authentication request to the server
group.
MSS uses a WebAAA rule only under the following conditions:
• The client is not denied access by 802.1X or does not support 802.1X.
• The client’s MAC address does not match a MAC authentication rule.
• The fallthru type is web-portal. (For a wireless authentication rule, the fallthru type is
specified by the set service-profile auth-fallthru command.
For a wired authentication rule, the type is specified by the auth-fall-thru option of the set port
type wired-auth command.)
Examples: The following command configures a WebAAA rule in the local database for SSID
ourcorp and userglob rnd*:
DWS-1008# set authentication web ssid ourcorp rnd* local
success: change accepted.
See Also:
• clear authentication web
• set authentication admin
• set authentication console
• set authentication dot1x
• show aaa