3Com 3CRWX120695A Reference Manual page 325
Wireless lan mobility system wireless lan switch manager
Hide thumbs
Also See for 3CRWX120695A:
- Configuration manual (728 pages) ,
- Command reference manual (526 pages) ,
- User manual (190 pages)
Table of Contents
Advertisement
Configuring and Managing Access Rules for Network Users
Authentication Types
MSS provides the following types of authentication:
IEEE 802.1X — If the network user's network interface card (NIC)
supports 802.1X, MSS checks for an 802.1X authentication rule that
matches the username (and SSID, if wireless access is requested), and
that uses the Extensible Authentication Protocol (EAP) requested by
the NIC. If a matching rule is found, MSS uses the requested EAP to
check the RADIUS server group or local database for the username
and password entered by the user. If matching information is found,
MSS grants access to the user.
MAC — If the username does not match an 802.1X authentication
rule, but the MAC address of the user's NIC or Voice-over-IP (VoIP)
phone and the SSID (if wireless) do match a MAC authentication rule,
MSS checks the RADIUS server group or local database for matching
user information. If the MAC address (and password, if on a RADIUS
server) matches, MSS grants access. Otherwise, MSS attempts the
fallthru authentication type, which can be Web, last-resort, or none.
(Fallthru authentication is described in more detail in "Authentication
Algorithm" on page 326.)
Web — A network user attempts to access a web page over the
network. The WX switch intercepts the HTTP or HTTPS request and
serves a login Web page to the user. The user enters the username
and password, and MSS checks the RADIUS server group or local
database for matching user information. If the username and
password match, MSS redirects the user to the web page she
requested. Otherwise, MSS denies access to the user.
Last-resort — A network user requests access to the network,
without entering a username or password. MSS checks for a
last-resort authentication rule for the requested SSID (or for wired, if
the user is on a wired authentication port). If a matching rule is found,
MSS checks the RADIUS server group or local database for username
last-resort-wired (for wired authentication access) or
last-resort-ssid, where ssid is the SSID requested by the user. If the
user information is on a RADIUS server, MSS also checks for an
authorization password (3Com by default).
325
Advertisement
Table of Contents
Related Manuals for 3Com 3CRWX120695A
Related Products for 3Com 3CRWX120695A
- 3Com 3CR17251-91 - Switch 5500G-EI Stackable Gigabit Ethernet
- 3Com 3CR17561-91-US - Switch 4500 26PORT Managed 24 10/100 2 Gbe Stackable RJ45
- 3Com 3CR17571-91 - Switch 4500 PWR
- 3Com 3CRDSF9PWR-US - OfficeConnect Managed Fast Ethernet PoE Switch
- 3Com 3CRS48G-24S-91
- 3Com 3CRS48G-48-91
- 3Com 3CRS48G-48P-91
- 3Com 3CRBSG2893 - Baseline Smart 28PORT Gig Sfp 10/100/1000