Configuring Aaa For Users Of Third-Party Aps; Authentication Process For Users Of A Third-Party Ap - 3Com WX1200 3CRWX120695A Configuration Manual
Wireless lan mobility system wireless lan switch and controller
Hide thumbs
Also See for WX1200 3CRWX120695A:
- Reference manual (570 pages) ,
- Command reference manual (526 pages) ,
- User manual (190 pages)
Table of Contents
Advertisement
482
C
21: C
HAPTER
ONFIGURING
Configuring AAA
for Users of
Third-Party APs
Authentication
Process for Users of a
Third-Party AP
AAA
N
FOR
ETWORK
A WX switch can provide network access for users associated with a
third-party AP that has authenticated the users with RADIUS. You can
connect a third-party AP to a WX switch and configure the WX to provide
authorization for clients who authenticate and access the network
through the AP. Figure 32 shows an example.
Figure 32 WX Switch Serving as RADIUS Proxy
The authentication process for users of a third-party AP is as follows:
1 MSS uses MAC authentication to authenticate the AP.
2 The user contacts the AP and negotiates the authentication protocol to
be used.
3 The AP, acting as a RADIUS client, sends a RADIUS access-request to the
WX. The access-request includes the SSID, the user's MAC address, and
the username.
4 For 802.1X users, the AP uses 802.1X to authenticate the user, using the
WX as its RADIUS server. The WX proxies RADIUS requests from the AP to
a real RADIUS server, depending on the authentication method specified
in the proxy authentication rule for the user.
For non-802.1X users, the AP does not use 802.1X. The WX sends a
RADIUS query for the special username web-portal-ssid or
last-resort-ssid, where ssid is the SSID name. The fallthru authentication
type (web-portal or last-resort) specified for the wired authentication
port connected to the AP determines which username is used.
U
SERS
WX Switch
Wired Layer 2
connection
Layer 2
or Layer 3
RADIUS server
- Quick Links:
- Cli Conventions
Hide quick links:
Advertisement
Table of Contents
