212AAA Commands

Table 1: Authentication Attributes for Local Users (continued)

Attribute

Description

Valid Value(s)

url

(network access mode only)

URL to which the user is redirected after successful Web-based AAA.

Web URL, in standard format. For example: http://www.example.com

Note: You must include the http:// portion.

You can dynamically include any of the variables in the URL string:

$u—Username

$v—VLAN

$s—SSID

$p—Service profile name

To use the literal character $ or ?, use the following:

 

 

$$

 

 

$q

 

 

 

vlan-name

Virtual LAN (VLAN)

Name of a VLAN that you want the user to use.

(network access mode

assignment.

The VLAN must be configured on a WSS within

only)

Note: VLAN-Name is a

the Mobility Domain to which this WSS belongs.

 

 

 

 

Nortel vendor-specific

 

 

 

attribute (VSA). The

 

 

 

vendor ID is 562, and the

 

 

 

vendor type is 231.

 

 

 

Note: On some RADIUS

 

 

 

servers, you might need to

 

 

 

use the standard RADIUS

 

 

 

attribute Tunnel-Pvt-

 

 

 

Group-ID, instead of

 

 

 

VLAN-Name.

 

 

 

 

 

acct-interim-interval

Interval in seconds between

Number between 180 and 3,600 seconds, or 0 to

 

accounting updates, if start-

disable periodic accounting updates.

 

stop accounting mode is

The WSS ignores the acct-interim-interval value

 

enabled.

and issues a log message if the value is below 60

seconds.

Note: If both a RADIUS server and the WSS supply a value for the acct-interim-interval attribute, then the value from the WSS takes precedence.

Examples The following command assigns input access control list (ACL) acl-03to filter the packets from a user at MAC address 01:02:03:04:05:06:

WSS# set mac-user 01:02:03:04:05:06 attr filter-id acl-03.in

success: change accepted.

NN47250-100 (Version 02.51)

Page 212
Image 212
Nortel Networks 2300 Series $u-Username $v-VLAN $s-SSID $p-Service profile name, Url, Vlan-name, Acct-interim-interval