298CHAPTER 8: CONFIGURING AUTHENTICATION, AUTHORIZATION, AND ACCOUNTING PARAMETERS

Table 22 Authentication Attributes for Local Users (continued)

Attribute

Description

Valid Value(s)

 

 

 

url

URL to which the user is

Web URL, in standard format. For

(network access

redirected after

example:

successful WebAAA.

 

mode only)

http://www.example.com

 

 

 

You must include the http:// portion.

vlan-name

(network access mode only)

Virtual LAN (VLAN) assignment.

VLAN-Name is a 3Com vendor-specific attribute (VSA). The vendor ID is 43, and the vendor type is 1.

On some RADIUS servers, you might need to use the standard RADIUS attribute Tunnel-Pvt-Group-ID, instead of VLAN-Name.

Name of a VLAN that you want the user to use. The VLAN must be configured on a WX switch within the Mobility Domain to which this WX switch belongs.

Viewing and

Remote Authentication Dial-In User Service (RADIUS) is a client-server

Configuring

security protocol that provides authentication, authorization, and

RADIUS Settings

accounting for network users and devices. A RADIUS server stores user

 

profiles, which include usernames, passwords, and other user attributes.

 

After you have defined RADIUS servers, you define RADIUS server groups

 

(named sets of RADIUS servers). You must create at least one server

 

group.

 

RADIUS server groups can authenticate administrators and network

 

users. You can specify up to four RADIUS server groups for AAA services

 

in a 3Com Mobility System.

 

Although you can use the local database on the WX switch to

 

authenticate users, 3Com recommends using RADIUS to accommodate

 

the large number of users in an enterprise network.

 

For information about the RADIUS attributes supported by MSS, see the

 

Wireless LAN Switch and Controller Configuration Guide

Page 298
Image 298
3Com 3CRWX120695A WXR100, 3CRWXR10095A manual Radius Settings, Group, A 3Com Mobility System, Url, Vlan-name