User authentication, accounts, and addressing
VPN-based authentication
VPN-based authentication can be used to provide secure access for client stations on VSCs
that do not have encryption enabled.
VPN-based authentication has the following properties:
- Authentication is managed by the controller.
- Applies to wireless and wired users.
- Settings are defined on a per-VSC basis.
- Can only be used on access-controlled VSCs.
- Configured using the Add/Edit Virtual Service Community configuration page in the management tool.
- User credentials can be validated using:
  - Local user accounts on the controller
  - External RADIUS server
  - Active Directory
If you enable this option for a VSC, all wireless users on the VSC must establish a VPN
connection. No other authentication methods (HTML, MAC, 802.1X) can be used on the
VSC.
When users configure their VPN software, they must specify the controller’s LAN port
address as the address of the VPN server.
To use this option, one or more of the following VPN features must be enabled and
configured on the Controller >> VPN menu: L2TP server, PPTP server, or IPSec. Once
this is done, VPN support can be enabled on a per-VSC basis and users can connect to any
active VPN server.
On the MSM760 and MSM765, a maximum of 50 user sessions is supported across all
VSCs. On the MSM710, the limit is 10 sessions.
Configuring VPN-based authentication on a VSC
Each VSC can have unique settings for VPN-based user logins. These settings are defined on
the VSC profile page. (To open this page, see Viewing and editing VSC profiles on page 5-4.)