Step 1 - Configure Amigopod As A Dac Entry; Step 2 - Enable Authorization For The Amigopod Ssid; Step 3 - Test Disconnect Of Authenticated User - AMIGOPOD PowerConnect W Clearpass 100 Software Integration Manual

Step 1 – Configure amigopod as a DAC entry
Enter the following set command at the enable prompt of the CLI to enable the amigopod on
10.9.4.8 to be able to send RFC3576 messages to the Trapeze. Please note that the key is still
the same as the entry configured in Step 1 of the Trapeze configuration so it matches the NAS
definition on the amigopod.
set radius dac amigopod address 10.9.4.8 replay-protect disable key wireless
Note: RFC 3576 uses UDP port 3799 by default so if your deployment places the amigopod on
the other side of a router or firewall with Access Control Lists you will also need to permit this
port along with the standard RADIUS ports of 1812 and 1813.
Step 2 – Enable authorization for the amigopod SSID
In order for Dynamic Authorisation to succeed the SSID in question on the Trapeze needs to
have authorization enabled. Enter the following set command on the CLI to enable authorization
on the amigopod SSID.
set authorization dynamic ssid amigopod amigopod
The first reference to amigopod is the SSID and the second reference is to the amigopod
RADIUS server definition. Please modify these to suit your deployment.
Step 3 – Test Disconnect of authenticated user
Now that all of the required Dynamic Authorisation configuration is complete, we can perform a
quick test of the disconnect procedure as specific in RFC 3576.
Assuming we have already got a wireless test user connected to the amigopod SSID and has
successfully authenticated via the amigopod hosted Web-Login (as per the previous section),
we should see a valid entry in the show sessions table from the Trapeze CLI:
mxr-2# sh sessions
1 session total
User Name
AP/Radio
--------------------- ------
-
cam
mxr-2#
CONFIDENTIAL
SessID Type Address
----- ----------------- --------------- -------
17* web 10.9.4.207
VLAN
default 1/2
24