Filter
Top Products
User authentication
Key concepts
Although the global MAC-based authentication settings apply to all VSCs that have HTML-
based user authentication enabled, each VSC can use a different authentication server to
validate user credentials. To define an authentication server for each VSC, open the Add/
Edit Virtual Service Community page and use the HTML-based user logins box to select
the authentication method.
VSC-based MAC
Each VSC can have unique settings for media access control (MAC) authentication of
wireless client stations. Support for RADIUS accounting is also configurable for each VSC.
See Working with VSCs on page 2-1.
HTML-based authentication
This option provides support for users to log in with a Web browser via the public access
interface provided by the service controller.
VPN-based authentication
This option defines settings for users who log in to the public access interface using a VPN
connection. To use this option, one of the following VPN features must be enabled and
configured on the Service controller >> VPN menu: L2TP server, PPTP server, or IPSec.
Important
If you enable this option for a VSC, all wireless users on the VSC must establish a VPN
connection. All other authentication methods (HTML, MAC) cannot be used.
If you enable this option on the default VSC, all wired users must establish a VPN
connection. (Wired users always connect to the default VSC.)
When configuring user VPN software, the address of the VPN server is the one assigned
to the service controller LAN port.
No authentication
For applications where a remote device performs all authentication functions, it can be
useful to disable authentication on the service controller and instead, forward all traffic on a
VSC into an egress GRE tunnel or egress VLAN for authentication by the remote device.
Note Because the service controller routes traffic to the VSC egress, L2 information from the user
is lost and only L3 information is available to the remote authentication device.
7-4