Nortel 2350 Reference Manual page 298
Wlan-management software 2300 series
Hide thumbs
Also See for 2350:
- User manual (218 pages) ,
- Installation and basic configuration manual (172 pages) ,
- Quick start manual (44 pages)
Table of Contents
Advertisement
298 Configuring Authentication, Authorization, and Accounting Parameters
a
Select the Configuration tool bar option.
b
In the Organizer panel, click the plus sign next to the WSS.
c
Click the plus sign next to AAA.
d
Select Web Access Rules.
e
In the Task List panel, select Web Network Access.
2
Specify whether the rule is for wireless access to an SSID or access through a wired
authentication port:
•
If the rule is for access to an SSID, do one of the following:
•
•
•
If the rule is for access through a wired authentication port, select Wired.
Caution!
box contains any and you do not change the SSID name, the authentication rule
allows clients who match the userwildcard to access any SSID.
3
Type the userwildcard that is allowed to use Web-based AAA to access the SSID or wired
authentication port.
A user wildcard is a string containing wildcards that matches on one or more user names. Type
a full or partial username to be matched during authentication (1 to 80 alphanumeric characters,
with no spaces or tabs). The format of a user wildcard depends on the client type and EAP
method.
For Windows domain clients using Protected EAP (PEAP), the user wildcard is in the format
Windows_domain_name\username. The Windows domain name is the NetBIOS domain name
and must be specified in capital letters. For example, EXAMPLE\sydney, or EXAMPLE\*.*,
which specifies all usernames whose usernames contain periods.
For EAP with Transport Layer Security (EAP-TLS) clients, the format is
username@domain_name. For example, sydney@example.com specifies the user sydney in the
domain name example.com. The *@marketing.example.com wildcard specifies all users in the
marketing department at example.com. The user wildcard sydney@engineering.example.com
specifies the user sydney in the engineering department at example.com.
4
Click Next.
5
If the authentication rule is disabled, select Enabled.
When a rule is disabled, WLAN Management Software does not add it to the switch's
configuration.
6
Select the authentication method(s) in the Available RADIUS Server Groups list and click
Add.
An authentication method specifies where the switch will look for user information to
authenticate users. You can select a RADIUS server group, LOCAL (the switch's local user
database), or both.
NN47250-102 (320666-G Version 02.01)
To match on any SSID name, leave the value any in the SSID box.
To match only on a specific SSID name, select or type the name in the SSID box.
The default SSID name any matches on all SSID names. If the SSID
Advertisement
Table of Contents
