EasyManua.ls Logo

Alcatel-Lucent AOS-W 6.5.3.x - Sample Configurations

Alcatel-Lucent AOS-W 6.5.3.x
1160 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
(host) (AP provisioning) # reprovision ap-name <apname>
To view the 802.1X authentication details on the switch:
(host) # show ap active
Sample Configurations
The following examples show basic configurations on the switch for:
n Configuring Authentication with an 802.1X RADIUS Server on page 271
n Configuring Authentication with the Switch’s Internal Database on page 281
In the following examples:
n Wireless clients associate to the ESSID WLAN-01.
n The following roles allow different networks access capabilities:
l student
l faculty
l guest
l system administrators
The examples show how to configure using the WebUI and CLI commands.
Configuring Authentication with an 802.1X RADIUS Server
n An EAP-compliant RADIUS server provides the 802.1X authentication. The RADIUS server administrator
must configure the server to support this authentication. The administrator must also configure the server
to all communications with the Alcatel-Lucent switch.
n The authentication type is WPA. From the 802.1X authentication exchange, the client and the switch derive
dynamic keys to encrypt data transmitted on the wireless network.
n 802.1X authentication based on PEAP with MS-CHAPv2 provides both computer and user authentication. If
a user attempts to log in without the computer being authenticated first, the user is placed into a more
limited guest” user role.
Windows domain credentials are used for computer authentication, and the user’s Windows login and
password are used for user authentication. A single user sign-on facilitates both authentication to the
wireless network and access to the Windows server resources.
802.1X Configuration for IAS and Windows Clients on page 1109 describes how to configure the Microsoft Internet
Authentication Server and Windows XP wireless client to operate with the switch configuration shown in this section.
Configuring Roles and Policies
You can create the following policies and user roles for:
n Student
n Faculty
n Guest
n Sysadmin
n Computer
Creating the Student Role and Policy
The student policy prevents students from using telnet, POP3, FTP, SMTP, SNMP, or SSH to the wired portion
of the network. The student policy is mapped to the student user role.
AOS-W 6.5.3.x | User Guide 802.1X Authentication | 271

Table of Contents