Filter
Top Products
5
CONFIGURING AUTHENTICATION
This chapter describes how clients are authenticated through the 700wl Series system, and explains how
to configure authentication policies. The topics covered in this chapter include:
Authentication in the 700wl Series System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
The Rights Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4
Authentication Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4
Configuring Authentication Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7
Configuring an LDAP Authentication Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8
Configuring the 802.1X Authentication Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-16
Configuring a Kerberos Authentication Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-17
Configuring a RADIUS Authentication Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-19
Using RADIUS for Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-20
Configuring an XML-RPC Authentication Service . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-22
NT Domain Logon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-27
External Identity Retrieval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-28
Logon Page Customization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-30
Tools and Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-42
Simulating User Rights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-42
Tracing Authentication Service Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-47
Importing and Exporting the Rights Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 5-49
You can configure both Authentication Policies and Access Policies through the Rights Manager. This
chapter focuses on Authentication Policies. Access Policy configuration is discussed in
Chapter 4,
“Configuring Rights”.
Note:
You must have Policy Administrator or Super Administrator access to perform the functions
described in this chapter.
Authentication in the 700wl Series System
The 700wl Series system grants network access rights to a client based on who the client is, where they
connect to the 700wl Series system, and when (day, date, and time) they make the connection. The
“where” and “when” are the client’s location (the Access Controller port through which it is connected)
and the time window in which the connection exists. These, along with an optional VLAN tag
5-1