434 Configuring AAA for Network Users
320657-A
5 Configure a last-resort authentication rule for user web-portal-mycorp:
23x0# set authentication last-resort ssid mycorp local
success: change accepted.
6 Configure a web authentication rule for Web-based AAA users:
23x0# set authentication portalacl.in ssid mycorp ** local
success: change accepted.
7 Display the configuration:
23x0# show config
# Configuration nvgen'd at 2005-5-09 19:14:10
# Image 4.0.1
# Model WSS-2360
# Last change occurred at 2005-5-09 19:13:45
...
set authentication last-resort ssid mycorp local
set authentication portalacl.in ssid mycorp ** local
set user web-portal-mycorp attr vlan-name corpvlan
set user web-portal-mycorp attr filter-id portalacl.in
set user alice password alicepword
set user bob password bobpword
...
set vlan corpvlan port 2-3
set interface corpvlan ip 192.168.12.10 255.255.255.0
...
set security acl ip portalacl.in permit udp 0.0.0.0
255.255.255.255 eq 68 0.0.0.0 255.255.255.255 eq
67
set security acl ip portalacl.in deny 0.0.0.0 255.255.255.255
capture
commit security acl portalacl.in
8 Save the configuration changes:
23x0# save config
success: configuration saved.
Displaying Session Information for Portal Web-based AAA Users
To display user session information for portal Web-based AAA users, use the following command:
show sessions network [user user-wildcard | mac-addr mac-addr-wildcard | ssid ssid-name
| vlan vlan-wildcard | session-id session-id | wired] [verbose]
You can determine whether a portal Web-based AAA user has completed the authentication and authorization process,
based on the username displayed in the session table. The following command shows the sessions for SSID mycorp.
23x0# show sessions network ssid mycorp
User Sess IP or MAC VLAN Port/
Name ID Address Name Radio
------------------------------ ---- ----------------- --------------- -----
