Nortel Networks 2300 Switch User Manual


 
Configuring AAA for network users 523
Nortel WLAN—Security Switch 2300 Series Configuration Guide
Table 5. Authentication attributes for local users

Attribute: encryption-type
Description: Type of encryption required for access by the client. Clients who attempt to use an unauthorized encryption method are rejected.
Valid Value(s): One of the following numbers that identifies an encryption algorithm:
• 1—AES_CCM (Advanced Encryption Standard using Counter with CBC-MAC)
• 2—Reserved
• 4—TKIP (Temporal Key Integrity Protocol)
• 8—WEP_104 (the default) (Wired-Equivalent Privacy protocol using 104 bits of key strength)
• 16—WEP_40 (Wired-Equivalent Privacy protocol using 40 bits of key strength)
• 32—NONE (no encryption)
• 64—Static WEP
In addition to these values, you can specify a sum of them for a combination of allowed encryption types. For example, to specify WEP_104 and WEP_40, use 24.

Attribute: end-date
Description: Date and time after which the user is no longer allowed to be on the network.
Valid Value(s): Date and time, in the following format: YY/MM/DD-HH:MM
You can use end-date alone or with start-date. You also can use start-date, end-date, or both in conjunction with time-of-day.

Attribute: filter-id (network access mode only)
Description: Security access control list (ACL), to permit or deny traffic received (input) or sent (output) by the WSS. (For more information about security ACLs, see “Configuring and managing security ACLs” (page 407).)
Valid Value(s): Name of an existing security ACL, up to 253 alphanumeric characters, with no tabs or spaces.
• Use acl-name.in to filter traffic that enters the switch from users via an AP access port or wired authentication port, or from the network via a network port.
• Use acl-name.out to filter traffic sent from the switch to users via an AP access port or wired authentication port, or from the network via a network port.
Note. If the Filter-Id value returned through the authentication and authorization process does not match the name of a committed security ACL in the WSS, the user fails authorization and is unable to authenticate.

Attribute: idle-timeout
This option is not implemented in the current WSS Software version.
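
The sum encoding described for encryption-type is a bitmask. The following added example (not from the Nortel manual) decodes a value into the encryption types it allows and reports users whose setting still permits WEP or no encryption. The weak-cipher policy, the function names and the sample users are assumptions of this example.

```python
# Bit values from Table 5; value 2 is reserved and is rejected below.
ENCRYPTION_BITS = {
    1: "AES_CCM",
    4: "TKIP",
    8: "WEP_104",
    16: "WEP_40",
    32: "NONE",
    64: "Static WEP",
}
RESERVED = 2
# Assumption of this example (not stated in the manual): an audit policy
# that flags the WEP variants and NONE as weak.
WEAK = {"WEP_104", "WEP_40", "NONE", "Static WEP"}


def decode_encryption_type(value):
    """Return the encryption names allowed by an encryption-type sum."""
    if not isinstance(value, int) or isinstance(value, bool) or value <= 0:
        raise ValueError(f"encryption-type must be a positive integer: {value!r}")
    if value & RESERVED:
        raise ValueError(f"{value} sets reserved bit 2")
    unknown = value & ~sum(ENCRYPTION_BITS)  # bits outside the table
    if unknown:
        raise ValueError(f"{value} sets undefined bits ({unknown})")
    return [name for bit, name in ENCRYPTION_BITS.items() if value & bit]


def audit(users):
    """Map each user to the weak encryption types its value still permits."""
    findings = {}
    for user, value in users.items():
        weak = [n for n in decode_encryption_type(value) if n in WEAK]
        if weak:
            findings[user] = weak
    return findings


# Constructed sample data: user names and values are made up for the example.
SAMPLE_USERS = {"alice": 1, "bob": 24, "carol": 5, "dave": 8, "erin": 37}

if __name__ == "__main__":
    for user, weak in audit(SAMPLE_USERS).items():
        print(f"{user}: permits {', '.join(weak)}")
```

Because 8 (WEP_104) is the default, a user created without an explicit encryption-type shows up in this audit the same way "dave" does.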