Nortel Networks 2300 Manual

next previous

Contents 23

Nortel WLAN Security Switch 2300 Series Configuration Guide

Clearing a Security ACL from a User or Group . . . . . . . . . . . . . . . . . . . . . . . 453

Assigning Encryption Types to Wireless Users . . . . . . . . . . . . . . . . . . . . . . . 454

Overriding or Adding Attributes Locally with a Location Policy . . . . . . . . . . . . . . 455

About the Location Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456

How the Location Policy Differs from a Security ACL . . . . . . . . . . . . . . . . . . 457

Setting the Location Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458

Clearing Location Policy Rules and Disabling the Location Policy . . . . . . . . 460

Configuring Accounting for Wireless Network Users . . . . . . . . . . . . . . . . . . . . . . 460

Viewing Local Accounting Records . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462

Viewing Roaming Accounting Records . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463

Displaying the AAA Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464

Avoiding AAA Problems in Configuration Order . . . . . . . . . . . . . . . . . . . . . . . . . 465

Using the Wildcard “Any” as the SSID Name in Authentication Rules . . . . . 465

Using Authentication and Accounting Rules Together . . . . . . . . . . . . . . . . . 467

Configuring a Mobility Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468

Network User Configuration Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469

General Use of Network User Commands . . . . . . . . . . . . . . . . . . . . . . . . . . 470

Enabling RADIUS Pass-Through Authentication . . . . . . . . . . . . . . . . . . . . . 472

Enabling PEAP-MS-CHAP-V2 Authentication . . . . . . . . . . . . . . . . . . . . . . . 473

Enabling PEAP-MS-CHAP-V2 Offload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474

Combining 802.1X Acceleration with Pass-Through Authentication . . . . . . . 475

Overriding AAA-Assigned VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476

Configuring Communication with RADIUS 477

RADIUS Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479

Configuring RADIUS Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479

Configuring Global RADIUS Defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480

Setting the System IP Address as the Source Address . . . . . . . . . . . . . . . . 481

Configuring Individual RADIUS Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482

Deleting RADIUS Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483

Configuring RADIUS Server Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483

Creating Server Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484

Deleting a Server Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487

RADIUS and Server Group Configuration Scenario . . . . . . . . . . . . . . . . . . . . . . 487