Configuring AAA for network users 563

Nortel WLAN—Security Switch 2300 Series Configuration Guide
WEP rekey period 1800
WEP rekey enabled
Bonded period 60
Information for the 802.1X authentication rule for the machine (host/bob-laptop.mycorp.com) is also
displayed. However, the bonded option is configured only for the user’s authentication rule. The bonded
option applies only to the authentication rules for users, not the authentication rules for machines.

Configuring authentication and authorization by

MAC address

You must sometimes authenticate users based on the MAC addresses of their devices rather than a user-
name-password or certificate. For example, some Voice-over-IP (VoIP) phones and personal digital assistants
(PDAs) do not support 802.1X authentication. If a client does not support 802.1X, WSS Software attempts to
perform MAC authentication for the client instead. The WSS can discover the MAC address of the device
from received frames and can use the MAC address in place of a username for the client.
Users authorized by MAC address require a MAC authorization password if RADIUS authentication is
desired. The default well-known password is nortel.
Caution! Use this method with care. IEEE 802.11 frames can be forged and can result
in unauthorized network access if MAC authentication is employed.