Rf Assignment For A Wm-Ad; Authentication For A Wm-Ad; Authentication With Ssid Network Assignment - Extreme Networks Summit WM User Manual

RF assignment for a WM-AD

The second step in setting up a WM-AD is to configure the RF assignment for the WM-AD. From the
RF tab you assign APs to a WM-AD and SSID definitions.

Authentication for a WM-AD

The third step in setting up a WM-AD is to configure the authentication mechanism for the WM-AD.
The authentication mechanism depends on the network assignment. In addition, all WM-AD definitions
can include authentication by Media Access Control (MAC) address. Authentication by MAC address
provides a method of access control for a user as it associates with the AP based on the device's MAC
address.

Authentication with SSID network assignment

If network assignment is SSID, there are two authentication options:
None - This authentication method is the default for a new SSID assignment WM-AD.
Authentication WM-AD, unless MAC-based authorization is used, the default filter is applied, not
the non-authentication filter. For more information, see
Captive Portal - This authentication method employs a Web redirection which directs a user's Web
session to an authentication server. Typically, the user must provide their credentials (userID,
password) to be authenticated. The Captive Portal redirection operation will redirect any Web page
requests corresponding to targets which are not explicitly allowed by the non-authenticated filter.
The user's Web page is redirected to a defined authentication Web server. You must ensure that the
authentication Web server is explicitly listed as an allowed destination for traffic to be able to access
it. After authentication, the client will be redirected to the originally requested Web page or a
configured default redirection Web page.
The Summit WM Controller supports two modes of Captive Portal authentication:
Internal Captive Portal - The controller's own Captive Portal authentication page (configured as
an editable form) is used to request user credentials.
External Captive Portal - An entity outside of the Summit WM Controller is responsible for
handling the user authentication process, presenting the credentials request forms and
performing user authentication procedures. The controller is then informed of the authentication
results via its Business Echosystem's interfaces.
Four authentication types are supported for Captive Portal authentication:
Password Authentication Protocol (PAP)
Challenge Handshake Authentication Protocol (CHAP)
Windows-specific version of CHAP (MS CHAP)
MS CHAP v2 (Windows-specific version of CHAP, version 2)
For Captive Portal authentication, the RADIUS server must support the selected authentication type:
PAP, CHAP (RFC2484), MS-CHAP (RFC2433), or MS-CHAPv2 (RFC2759).
Summit WM User Guide, Software Version 5.3
"Filtering for a WM-AD" on page 146.
145