Table of Contents
Advertisement
Chapter 6: Authentication Using External Servers
New
Click the User authentication tab in the BSC administrator console.
1.
Transparent
Select Transparent 802.1x Authentication from the Create drop-down list on the User
2.
802.1x server
authentication page.
page
The New Transparent 802.1x server page appears as shown in Figure 6-7.
Enable server
The Enable checkbox is checked to make the server available for user authentication.
Name
Enter a meaningful name for the Transparent 802.1x authentication server.
Transparent
Server address: Enter the server's IP address or fully qualified domain name.
802.1X server
Port: Enter the server's port number.
settings
Accounting
To enable RADIUS accounting for this server, select the name of the external RADIUS
accounting server from the Accounting server drop-down list.
See "RADIUS Accounting" on page 7-1 to configure a new RADIUS accounting server for
selection in the drop-down list.
Alternatively, you can select the Create... option to open a window that enables you to
configure a new RADIUS accounting server. After you save the server information, you
are returned to the New Transparent 802.1X server page where you can select the
RADIUS accounting server from the drop-down list.
Mapping
Define the rules to determine if the user is authenticated.For each rule:
1.
Transparent
a)
802.1X
attributes to
roles
6-18
Figure 6-7: New Transparent 802.1x Server Page
Enter the appropriate Transparent 802.1x attribute in the Attribute field. The
following attributes are available for matching:
•
Login Name - Use for LEAP or MD5 EAP methods only.
•
Common Name - Use for TLS EAP methods only. This is the common name
contained in the user's TLS certificate.
•
Email Address - Use for TLS EAP methods only. This is the email name which
may be contained in the user's TLS certificate.
Advertisement
Table of Contents
