Colubris Networks CN3000 Administrator's Manual page 92

Chapter 4 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Scenarios - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Chapter 4
3. In the Settings box, use the defaults except for Authentication method which must
4. In the Primary RADIUS server box, specify the address of the corporate RADIUS
Connect to the RADIUS server
Security > Authentication
1. Enable the CN3000 RADIUS authentication option.
2. Select RADIUS Profile 1.
3. Specify the username and password the CN3000 will use to login to the RADIUS
4. Click Force authentication. The light should turn green, indicating that the CN3000
5. Click Save.
Configure WLAN profiles
Wireless > Wi-Fi > WLAN profiles
1. Define a WLAN profile called Public.
2. Enable HTML-based user logins and assign them to RADIUS authentication.
3. Select RADIUS Profile 1.
4. Use the default settings for all other parameters.
Configure the shared secret
Security > Authentication > Advanced
Set the Access controller shared secret to a suitable value. You will need to configure
the same value on the CN300s.
Create an access list
Add an access list definition that allows guest traffic to reach the Internet and blocks it
from entering the corporate network. See
On the CN300s
1. Open the Wireless > WLAN profiles page. Add two profiles: Private and Public.
2. Open the Network > Ports page.
3. Open the Security > Access controller page.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 92 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
match the method supported by the RADIUS server.
server and the secret the CN3000 will use to login.
server.
has been successfully authenticated.
• Private profile: in the Wireless protection box, enable either WPA or 802.1x.
• Enable DHCP client.
• Set VLAN to 60.
• Disable Restrict VLAN to management traffic only.
• Set the Access controller shared secret to same value as on the access
controller.
• Disable Location-aware authentication.
(page 245)
(page 218 + 219)
(page 247)
"Access list" on page 168 for details.