Concepts and Terminology | 15 |
systems. As a RADIUS server, IAS performs centralized connection authentication, authorization, and accounting for network access servers (desktop switches and wireless access points acting as radius clients), see Figure 2.
Remote Access Policy
For 3Com Network Access Manager to authenticate users and computers accessing the network, an IAS Remote Access Policy must be created. Appendix A provides step by step instructions on how to create a Remote Access Policy.
In a
Figure 2 Network Access Servers within a Domain
Microsoft Active Directory
RADIUS protocol with VLAN and QoS associations
Microsoft
Internet Authentication Service with 3Com Network Access Manager
Network Access
Servers
SuperStack3 Switch 4400 | SuperStack4 Switch 5500 | Wireless LAN Access Points |
Rules 3Com Network Access Manager provides its functionality through a set of rules implemented in Active Directory. Each rule comprises a priority, a Network Access setting (allow/deny), an optional authorization response (VLAN and QoS), and an optional EFW policy name.
Users, groups and computers (through the MAC address of the PC) are associated with rules. When multiple rules are associated with a user, group or computer then the rule with the highest priority takes precedence.
