3Com WX1200 3CRWX120695A Configuration Manual page 465
Wireless lan mobility system wireless lan switch and controller
Hide thumbs
Also See for WX1200 3CRWX120695A:
- Reference manual (570 pages) ,
- Command reference manual (526 pages) ,
- User manual (190 pages)
Table of Contents
Advertisement
CAUTION: Without the Web-Portal ACL, WebAAA users will be placed
on the network without any filters.
CAUTION: Do not change the deny rule at the bottom of the ACL. This
rule must be present and the capture option must be used with the rule.
If the rule does not have the capture option, the Web Portal user never
receives a login page. If you need to modify the Web-Portal ACL, create a
new one instead, and modify the service profile or web-portal-wired user
to use the new ACL.
Authentication rules—A web authentication rule must be configured
for the WebAAA users. The web rule must match on the username
the WebAAA user will enter on the WebAAA login page. (The match
can be on a userglob or individual username.) The web rule also must
match on the SSID the user will use to access the network. If the user
will access the network on a wired authentication port, the rule must
match on wired.
To configure authentication rules, use the set authentication web
command.
Web Portal WebAAA must be enabled, using the set web-portal
command. The feature is enabled by default.
Portal ACL and User ACLs
The portalacl ACL, which MSS creates automatically, applies only when a
user's session is in the portal state. After the user is authenticated and
authorized, the ACL is no longer applicable.
To modify a user's access while the user is still being authenticated and
authorized, you can configure another ACL and map that ACL instead to
the web-portal-ssid or web-portal-wired user. Make sure to use the
capture option for traffic you do not want to allow. 3Com recommends
that you do not change the portalacl ACL. Leave the ACL as a backup in
case you need to refer to it or you need to use it again.
For example, if you want to allow the user to access a credit card server
while MSS is still authenticating and authorizing the user, create a new
ACL, add ACEs that are the same as the ACEs in portalacl, and add a new
ACE before the last one, to allow access to the credit card server. Make
sure the last ACE in the ACL is the deny ACE that captures all traffic that
is not allowed by the other ACEs.
Configuring Web Portal WebAAA
465
- Quick Links:
- Cli Conventions
Hide quick links:
Advertisement
Table of Contents
Related Manuals for 3Com WX1200 3CRWX120695A
Related Products for 3Com WX1200 3CRWX120695A
- 3Com 3CRWX120695A, 3CRWX440095A
- 3Com 3CR17333-91 - Switch 4210
- 3Com 3CR17562-91 - Switch 4500
- 3Com 3CR16708-91 - OfficeConnect Managed Switch 9
- 3Com 3CR13501-73
- 3Com 3CR17342-91 - Switch 4210 PWR
- 3Com 3CR17251-91 - Switch 5500G-EI Stackable Gigabit Ethernet
- 3Com 3CR17561-91-US - Switch 4500 26PORT Managed 24 10/100 2 Gbe Stackable RJ45