HP Manager Software manual „ Ports, To create a location policy rule

300CHAPTER 7: CONFIGURING AUTHENTICATION, AUTHORIZATION, AND ACCOUNTING PARAMETERS

The conditions can be one or more of the following:

„AAA-assigned VLAN

„Username

„MAP access port, Distributed MAP number, or wired authentication port through which the user accessed the network

„SSID name with which the user is associated

Conditions within a rule are ANDed. All conditions in the rule must match in order for MSS to take the specified action. If the location policy contains multiple rules, MSS compares the user information to the rules one at a time, in the order the rules appear in the switch’s configuration file, beginning with the rule at the top of the list. MSS continues comparing until a user matches all conditions in a rule or until there are no more rules.

Any authorization attributes not changed by the location policy remain active.

Creating Location Location policy rules are listed in the order created, unless you change the Policy Rules order with the Modify Location Policy wizard. The order of rules in a

location policy is critical because a rule higher in the list is checked prior to rules lower in the list. If the criteria for a rule are matched, the WX stops comparing user attributes against the remaining location policy rules in the list.

When creating a location policy rule, you specify one or more of the following attributes, which are used to determine whether a location policy is applied:

„User glob

„VLAN

„SSID

„Ports

To create a location policy rule

1Access the WX Switch wizard for the WX switch. (See “Accessing the WX Switch Wizard” on page 187.)

2Select AAA at the top of the wizard, if not already selected.