Filter
Top Products
User authentication
Key concepts
Key concepts
Note This chapter discusses user authentication as it applies to controlled APs only. For
information on working with autonomous APs, see Chapter 14: Working with autonomous
APs.
User authentication tasks can be handled either by the AP or by the service controller. This is
controlled by the settings of the access control and authentication options set on the VSC to
which a user is assigned. See About access control and authentication on page 2-6.
Authentication support on a service controller
The following authentication types are supported on the service controller for both wired and
wireless clients (except where noted):
802.1X (Wired 802.1X users can only be supported on the default VSC profile if access
control is enabled. 802.1X wired users can be supported on other VSCs only if the 802.1X
RADIUS Access Request contains a VLAN-Id indication using the Colubris VSA.)
MAC-based (wireless users only)
HTML-based (Wired HTML-based users can only be supported on the default VSC profile
if access control is enabled. Wired HTML-based users on a VLAN can be supported on any
VSC profile as long as access control is enabled and the appropriate VLAN is defined as
the VSC ingress.)
VPN-based (Wired VPN-based users can only be supported on the default VSC profile if
access control is enabled. Wired HTML-based users on a VLAN can be supported on any
VSC profile as long as access control is enabled and the appropriate VLAN is defined as
the VSC ingress.)
The service controller can validate user login credentials using the local user list (integrated
RADIUS server), a third-party RADIUS server, or an external Active Directory service. For
information on configuring these options:
Authentication server See
Integrated RADIUS server Locally-defined user accounts on page 7-5.
Firewall on page 5-2.
Third-party RADIUS server Using a third-party RADIUS server on page 6-5.
Active Directory Using an Active Directory server on page 6-9.
Authentication support on a controlled AP
The following authentication types are supported on a controlled AP for wireless clients only:
802.1X
MAC-based
7-2