334
C
7: C
HAPTER
ONFIGURING
A
, A
UTHENTICATION
UTHORIZATION
asterisk (*) in MAC addresses. The following lists examples of using
wildcards in MAC addresses:
* (all MAC addresses)
00:*
00:01:*
00:01:02*
00:01:02:03:*
00:01:02:03:04:*
00:01:02:03:04:0*
Last-resort access does not need a userglob or MAC address glob. If you
configure a last-resort access rule for the SSID and you enable last-resort
as the fallthru authentication method, any user can access that SSID. (The
default fallthru method is Web AAA. To change the fallthru
authentication method, see "Configuring a Service Profile" on page 257.)
4 Optionally, edit the name in the SSID box to match the SSID name.
CAUTION: The default SSID name any matches on all SSID names. If the
SSID box contains any and you do not change the SSID name, the
authentication rule allows clients who match the userglob or MAC
address glob to access any SSID.
5 To enable the authentication rule for use with wired authentication users,
select Wired. When you enable this option, the rule applies to
connection attempts on a WX switch's wired authentication ports, in
addition to wireless connection attempts through a MAP.
6 Click Next and go to "To configure authentication settings".
To configure authentication settings
1 Access the Create Network Access wizard for 802.1X, MAC, last-resort,
or Web AAA, if not already displayed.
2 Go to one of the following steps:
If you are configuring an 802.1X authentication rule for the SSID, go
to step 3.
If you are configuring a MAC, last-resort, or Web AAA rule for the
SSID, go to step 4.
3 Click 802.1X Policy at the top of the Create 802.1X Network Access
wizard. The 802.1X Policy page appears. Go to step 5.
,
A
P
AND
CCOUNTING
ARAMETERS