Filter
Top Products
Contents 29
Nortel WLAN—Security Switch 2300 Series Configuration Guide
How the location policy differs from a security ACL . . . . . . . . . . . . . . . . . . . 539
Setting the location policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 540
Applying security ACLs in a location policy rule . . . . . . . . . . . . . . . . . . . 540
Displaying and positioning location policy rules . . . . . . . . . . . . . . . . . . . 541
Clearing location policy rules and disabling the location policy . . . . . . . . . . . 542
Configuring accounting for wireless network users . . . . . . . . . . . . . . . . . . . . . . . 542
Configuring periodic accounting update records . . . . . . . . . . . . . . . . . . . . . . 544
Enabling system accounting messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . 545
Viewing local accounting records . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 546
Viewing roaming accounting records . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 547
Displaying the AAA configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548
Avoiding AAA problems in configuration order . . . . . . . . . . . . . . . . . . . . . . . . . . 549
Using the wildcard “Any” as the SSID name in authentication rules . . . . . . . 549
Using authentication and accounting rules together . . . . . . . . . . . . . . . . . . . 551
Configuration producing an incorrect processing order . . . . . . . . . . . . . 551
Configuration for a correct processing order . . . . . . . . . . . . . . . . . . . . . 551
Configuring a Mobility Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552
Network user configuration scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 553
General use of network user commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 554
Enabling RADIUS pass-through authentication . . . . . . . . . . . . . . . . . . . . . . 556
Enabling PEAP-MS-CHAP-V2 authentication . . . . . . . . . . . . . . . . . . . . . . . . 557
Enabling PEAP-MS-CHAP-V2 offload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 558
Combining 802.1X Acceleration with pass-through authentication . . . . . . . . 559
Overriding AAA-assigned VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 560
Configuring communication with RADIUS . . . . . . . . . . . . . . . . . . . . . . . . 561
RADIUS overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561
Before you begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 563
Configuring RADIUS servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 563
Configuring global RADIUS defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 564
Setting the system IP address as the source address . . . . . . . . . . . . . . . . . 565
Configuring individual RADIUS servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . 566
Deleting RADIUS servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 567
Configuring RADIUS server groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 567
Creating server groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 568
Ordering server groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 568