EasyManua.ls Logo

Alcatel-Lucent AOS-W 6.5.3.x - Managing Whitelists on Master and Local Switches

Alcatel-Lucent AOS-W 6.5.3.x
1160 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
There is no change in the RAP role assignment. The RAP is assigned the role that is configured in the VPN
default-rap profile.
In the WebUI
To assign a CPPM server to a RAP:
1. Configure a CPPM server using the switch WebUI:
a. Navigate to Configuration > Security > Authentication > Servers.
b. Select Radius Server to display the CPPM Server List.
c. To configure a CPPM server, enter the name for the server and click Add.
d. Select the name to configure server parameters. Select the Mode check box to activate the
authentication server.
e. Click Apply.
2. Create a server group that contains the CPPM server.
3. Navigate to Configuration > All Profile Management > Wireless LAN > VPN Authentication >
default-rap > Server Group.
4. Select the CPPM server from the Server Group drop-down list.
5. Click Apply.
To assign a CPPM server to a RAP that was initially an Instant AP:
1. Make sure that a CPPM server is configured on the switch.
2. Navigate to Configuration > All Profile Management > Wireless LAN > VPN Authentication >
default-iap > Server Group.
3. Select the CPPM server from the Server Group drop-down list.
4. Click Apply.
In the CLI
To add a CPPM server to a RAP:
Configure a radius server with CPPM server as host address. In this example cppm-rad is the CPPM server
name and cppm-sg is the server group name.
(host)(config) #aaa authentication-server radius cppm-rad
Add this server to a server group:
(host)(config) #aaa server-group cppm-sg
(host) (Server Group "cppm-sg") #auth-server cppm-rad
Add this server group to the default-rap vpn profile:
(host)(config) #aaa authentication vpn default-rap
(host)(VPN Authentication Profile "default-rap") #server-group cppm-sg
Managing Whitelists on Master and Local Switches
Every switch using the control plane security feature maintains a campus AP whitelist, a local switch whitelist
and a master switch whitelist. The contents of these whitelists vary, depending upon the role of the switch, as
shown in the table below.
AOS-W 6.5.3.x | User Guide Control Plane Security | 66

Table of Contents