38CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM
If services are being used for customer corporate entities (e.g. different airlines on an airport wireless net), then they would probably use 802.1X and strong encryption with web guest access for their airport club guests. If the services are being used to advertise multiple wireless service providers (WISP), such as
AAASecurity An administrator can control the way in which users access the network. Configuration For each service you provide, you can configure unique authentication,
authorization, and accounting (AAA) security features, creating an entirely virtualized wireless service. For each service, you configure:
Multiple authentication choices (802.1X, Web, AAA, MAC authentication, Bonded Auth, open)
AAA methods (up to four RADIUS server groups, or a local database on the WX switch)
Authentication
Authentication is the method of determining whether a user is allowed access to your network. Users can be authenticated by a RADIUS server
To authenticate users, you will need to configure users either in the local database or on RADIUS servers. Each user will have a username, password, and RADIUS and/or
See Figure 8 on page 39 to see a flowchart representing the authentication process. Generally, 802.1X authentication is attempted first. If the user fails, then MAC authentication is attempted. If this fails, then last resort and web authentication is used. For a service profile, you specify either web authentication,