Filter
Top Products
NOC authentication
Addressing security concerns
%o
Returns the original URL requested by the user. By default, this value is
URL encoded. By default, this value is URL encoded. (To enable/disable
URL encoding, set the value of url-encode in the <ACCESS-
CONTROLLER> section in the configuration file.)
%i
Returns the domain name assigned to the service controller’s Internet
port.
%p
Returns the port number on the service controller where user login
information should be posted to for authentication.
%a
Returns the IP address of the service controller’s interface that is sending
the authentication request.
%E
When the location-aware feature is enabled, returns the ESSID of the
wireless access point the user is associated with.
%P
When the location-aware feature is enabled, returns the wireless mode
(“ieee802.11a”, “ieee802.11b”, “ieee802.11g”) the user is using to
communicate with the access point.
%G
When the location-aware feature is enabled, returns the group name of the
wireless access point the user is associated with.
%C
When the location-aware feature is enabled, returns the Called-station-id
content for the wireless access point the user is associated with.
%r
Returns the string sent by the RADIUS server when an authentication
request fails. The RADIUS server must be configured to support this
feature. The information contained in the returned string depends on the
configuration of the RADIUS server.
%m
Returns the MAC address of the wireless/wired client station that is being
authenticated.
%v
Returns the VLAN assigned to the client station at the service controller’s
ingress (LAN port).
Addressing security concerns
It is important that the connection between the login application and the service controller be
secure to protect the exchange of user authentication traffic. The following strategy provides
for complete connection security.
Securing the remote login page
HTTPS can be used on the Web server to secure the login page. To avoid warning messages
on the user’s browser, the SSL certificate installed on the Web server should be signed by a
well-known CA.
D-5