User authentication, accounts, and addressing
MAC-based authentication
10-18
Remote
User logins are authenticated via an external RADIUS server. To define the connection to an
external RADIUS server, go to the Controller >> Authentication > RADIUS profiles
page.
To successfully authenticate a client station, an account must be created on the RADIUS
server with both username and password set to the MAC address of the client station.
The MAC address sent by the controller or controlled AP in the RADIUS REQUEST packet
for both username and password is 12 hexadecimal numbers, with the values “a” to “f” in
lowercase. For example: 0003520a0f01.
The RADIUS server will reply to the REQUEST with either an ACCEPT or REJECT RADIUS
RESPONSE packet. In the case of an ACCEPT, the RADIUS server can return the session-
timeout RADIUS attribute (if configured for the account). This attribute indicates the amount
of time, in seconds, that the authentication is valid for. When this period expires, the
controller or controlled AP will re-authenticate the wireless station.
Request RADIUS CUI: Enable this option to support the Chargeable User Identity
(CUI) attribute as defined in RFC-4372. The CUI is used to associate a unique identifier
with a user so that the user can be identified (for billing, authentication or other
purposes) when roaming outside of their home network.
General
RADIUS accounting
Enable this option to have the controller generate a RADIUS START/STOP and interim
request for each user. The controller respects the RADIUS interim-update-interval attribute if
present inside the RADIUS access accept of the authentication.
Called-Station-ID content
(Only available when Access control is disabled under Global)
Select the value that the AP (with which the user has established a wireless connection) will
return as the called station ID.
Port 1: MAC address of the first Ethernet port on the AP.
Port 2: MAC address of the second Ethernet port on the AP. (Not supported on all APs.)
Wireless Radio: MAC address of the wireless radio on the AP on which this VSC is
operating.
BSSID: Basic service set ID of the wireless network defined for this VSC.
macaddress:ssid: The MAC address of the AP radio, followed by a colon, followed by
the SSID configured on this VSC.
To Next Page
Loading...
Need help?
General
