User Database; Authentication Of Terminal/Management User(s); Access Policy - Motorola WS5100 Series Migration Guide


9-2 WS5100 Series Switch Migration Guide
the WS5100 switch processes the EAP messages that it receives. It encapsulates them in RADIUS access
requests and sends them to the configured RADIUS server, in this case the local RADIUS server.
The RADIUS server checks the user credentials and the challenge information received in the RADIUS
access request frames. If the user is authorized and authenticated, the server grants the wireless client
access by sending a RADIUS access accept frame. This is transmitted to the wireless client in an EAPoL
frame format.
Figure 9.1 802.1x EAP Authentication Process

9.1.1 User Database

User group names and the associated users in each group can be created in the local database. The User ID in
a received access request is mapped to the associated wireless group for the authentication and the
authorization policies.
The WS5100 supports creation of 500 users and 100 groups on its local database. Each group can have a
maximum of 500 users configured.

9.1.2 Authentication of Terminal/Management User(s)

The local RADIUS server can be used to authenticate the management and terminal users. For this, a normal
user with a password should be created in the local database. These users should not be a part of any
group.

9.1.3 Access Policy

Access policies are defined for a group created in the local database. Each user is authorized based on the
access policies defined for the groups to which the user belongs. The access policies allow the administrator
to control access for a set of users based on the WLANs (ESSID).
Group-to-WLAN access is controlled using a time-of-day access policy.
For example, consider User1, who is a part of Group1, which is mapped to wlan1 (i.e. the ESSID of wlan1). When
the user tries to connect to wlan1, the user is prompted to enter his/her credentials. Only once the
authentication and authorization phases are successful will User1 be able to access wlan1, and only
for the allowed duration; User1 cannot access any other WLAN.
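
The group-to-WLAN, time-of-day decision described above, modelled in Python as an added example (it is not Motorola code or WS5100 configuration syntax). The class and function names, the 08:00-18:00 window, denying WLAN access to users who belong to no group, and the handling of windows that wrap past midnight are assumptions of this example.

```python
from dataclasses import dataclass, field
from datetime import time

MAX_USERS, MAX_GROUPS = 500, 100   # local database limits stated in 9.1.1

@dataclass
class Group:
    essids: set                    # WLANs (ESSIDs) the group is mapped to
    start: time                    # allowed window start (inclusive)
    end: time                      # allowed window end (exclusive)
    members: set = field(default_factory=set)

    def allows(self, essid, now):
        if essid not in self.essids:
            return False
        if self.start <= self.end:
            return self.start <= now < self.end
        # Assumption: a window such as 22:00-06:00 wraps past midnight.
        return now >= self.start or now < self.end

class LocalDatabase:
    def __init__(self):
        self.users, self.groups = set(), {}

    def add_user(self, user_id):
        if user_id not in self.users and len(self.users) >= MAX_USERS:
            raise ValueError("user limit reached")
        self.users.add(user_id)

    def add_group(self, name, essids, start, end):
        if name not in self.groups and len(self.groups) >= MAX_GROUPS:
            raise ValueError("group limit reached")
        self.groups[name] = Group(set(essids), start, end)

    def add_member(self, name, user_id):
        if user_id not in self.users:
            raise KeyError(user_id)
        self.groups[name].members.add(user_id)  # bounded by MAX_USERS

    def authorize(self, user_id, essid, now):
        """Authorization step for a user who already passed authentication."""
        return any(user_id in g.members and g.allows(essid, now)
                   for g in self.groups.values())

def build_sample():
    """Constructed data: User1 in Group1 (wlan1), 'admin' in no group."""
    db = LocalDatabase()
    for user_id in ("User1", "admin"):
        db.add_user(user_id)
    db.add_group("Group1", {"wlan1"}, time(8, 0), time(18, 0))
    db.add_member("Group1", "User1")
    return db
```

A management or terminal user such as the constructed `admin` account is in no group, so `authorize` never grants it WLAN access under this model.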
