Filter
Top Products
Configuring AAA for network users 489
Nortel WLAN—Security Switch 2300 Series Configuration Guide
To reset the Bonded Authentication period to its default value (0), use the following command:
clear dot1x bonded-period
Bonded Authentication configuration example
To configure Bonded Authentication:
• Configure separate authentication rules for the machine and for the user(s).
• Set the Bonded Authentication period.
• Verify the configuration changes.
The following commands configure two 802.1X authentication rules for access to SSID mycorp. The first rule
is for authentication of all trusted laptop PCs at mycorp.com (host/*-laptop.mycorp.com). The second rule is
for bonded authentication of all users at mycorp.com (*.mycorp.com). Both rules use pass-through as the
protocol, and use RADIUS server group radgrp1.
WSS# set authentication dot1x ssid mycorp host/*-laptop.mycorp.com pass-through
radgrp1
success: change accepted.
WSS# set authentication dot1x ssid mycorp *.mycorp.com bonded pass-through
radgrp1
success: change accepted.
The following command sets the Bonded Authentication period to 60 seconds, to allow time for WEP users to
reauthenticate:
WSS# set dot1x bonded-period 60
success: change accepted.
Displaying Bonded Authentication configuration information
To display Bonded Authentication configuration information, use the following command:
show dot1x config
In the following example, bob.mycorp.com uses Bonded Authentication, and the Bonded Authentication
period is set to 60 seconds.
WSS# show dot1x config
802.1X user policy
----------------------
'host/bob-laptop.mycorp.com' on ssid 'mycorp' doing PASSTHRU
'bob.mycorp.com' on ssid 'mycorp' doing PASSTHRU (bonded)
802.1X parameter setting
---------------- -------
supplicant timeout 30
auth-server timeout 30
quiet period 60
transmit period 5