Access Controller Shared Secret; Access Controller Mode; Noc Authentication; Access Controller Ports - Colubris Networks CN3000 Administrator's Manual

Chapter 11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Configuration parameters - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Chapter 11
Access The CN3000 will only accept authentication/location-aware information from Colubris
Networks satellites that have a matching shared secret to its own. This is used to:
controller
• receive authentication requests for 802.1x customers on the Colubris satellite
shared secret
• receive location-aware information from the Colubris satellite
Access Mode
Choose the operational mode.
controller mode
• Internal: The CN3000 functions as an access controller. This means that it controls
• Centralized: Disables the CN3000 as the access controller. All wireless traffic is
NOC Enable this option to support NOC authentication.
NOC authentication must be used in conjunction with the remote login page feature.
authentication
The remote login page feature enables customers to be redirected to a remote web
server to login instead of using the internal login page on the CN3000.
To validate customer logins, a login application on the remote server must collect
customer login information and send it to the CN3000, which in turn forwards it to a
RADIUS server.
Allowed addresses
The CN3000 will only accept customer login authentication requests from the IP
addresses in this list. When the list is empty, authentication requests are accepted from
any address.
Active interfaces
Select the interface(s) that the CN3000 will accept authentication requests on.
Access The CN3000 uses these ports for authentication tasks. For example, when using the
remote login page feature, the login application will post customer info to the HTTPS
controller ports
port for authentication.
If you enabled support for proxy settings in the Client station settings box, you must
change these ports to support client stations that are using proxy servers on port 8080
or 8090. The following mappings are recommended:
• map 8090 to 444
• map 8080 to 81
Make sure that you do not remap these ports to values already in use on your network.

IPass settings

Location name
Specify the IPass location name assigned to the CN3000.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 249 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
entry to the public access network via the public access interface. User must login to
gain access to the network.
forwarded onto the Internet port.
This mode is used when access control is handled by a remote site. To forward traffic to
the remote site, you can define a GRE tunnel (Network > GRE) and map all wireless
traffic into it (Wireless > WLAN profiles).