Motorola WiNG 5.4.2 System Reference Manual page 541

5. Define the following Settings
RADIUS User Pools
LDAP Server Dead Period
LDAP Groups
LDAP Group Verification
LDAP Chase Referral
Local Realm
6. Set the following Authentication
Source
FallBack
Local Authentication Type
required in the creation or modification of the server policy:
Select the user pools to apply to this server policy. Up to 32 can be applied. If a
pool requires creation, select the Create link. For more information, see
User Pools on page
Set an interval in either Seconds (0 - 600) or Minutes (0- 10) during which the
access point will not contact its LDAP server resource. A dead period is only
implemented when additional LDAP servers are configured and available.
Use the drop-down menu to select LDAP groups to apply the server policy
configuration. Select the Create or Edit icons as needed to either create a new
group or modify an existing group. Use the arrow icons to add and remove groups
as required.
Select the check box to set the LDAP group search configuration. This setting is
enabled by default.
Select the check box to set the LDAP referral chase feature. This settings is
enabled by default. When enabled, if the LDAP server does not contain the
requested information, it indicates to the LDAP client that it does not have the
requested information and provides the client with another LDAP server that
could have the requested information. It is up to the client to contact the other
LDAP server for its information.
Define the LDAP Realm performing authentication using information from an
LDAP server. User information includes user name, password, and the groups to
which the user belongs.
parameters to define server policy authorization settings.
Select the RADIUS resource for user authentication with this server policy.
Options include Local for the local user database or LDAP for a remote LDAP
resource. The default setting is Local
Select this option to indicate that fall back from RADIUS to local is enabled incase
RADIUS authentication is not available for any reason. This option is only enabled
when RADIUS is selected as the Source.
Use the drop-down menu to select the local EAP authentication scheme. The
following EAP authentication types are supported by the onboard RADIUS server:
• All – Enables both TTLS and PEAP.
• TLS - Uses TLS as the EAP type
• TLS and MD5 - The EAP type is TTLS, with default authentication using MD5.
• TTLS and PAP - The EAP type is TTLS, with default authentication using PAP.
• TTLS and MSCHAPv2 - The EAP type is TTLS, with default authentication using
MSCHAPv2.
• PEAP and GTC - The EAP type is PEAP, with default authentication using GTC.
• PEAP and MSCHAPv2 - The EAP type is PEAP with default authentication using
MSCHAPv2.
9-32.
9 - 37
Defining