Network Configuration 7 - 19
8. Define the following settings to add or modify AAA RADIUS authentication server configuration:
9. Set the following Network Address Identifier (NAI) Routing settings:
Server Id Define the numerical server index (1-6) for the authentication server to differentiate it
from others available to the access point’s AAA policy.
Host Specify the IP address or hostname of the RADIUS authentication server.
Port Define or edit the port on which the RADIUS server listens to traffic within then access
point managed network. The port range is 1 to 65,535. The default port is 1812.
Server Type Select the type of AAA server as either Host, onboard-self or onboard-controller. AP6511
and AP6521 models do not have an onboard authentication resource and must use an
external server or Virtual Controller AP resource.
Secret Specify the secret used for authentication on the selected RADIUS server. By default the
secret will be displayed as asterisks.
Request Proxy Mode Select the method of proxy that browsers communicate with the RADIUS authentication
server. The mode could either be None, Through Wireless Controller or Through RF
Domain Manager.
Proxy Mint Host Specify the hostname (if the device is a Level-1 MiNT neighbor) or the Mint-ID of the Mint
device to proxy hosts through.
Request Attempts Specify the number of attempts a client can retransmit a missed frame to the RADIUS
server before it times out of the authentication session. The available range is from 1 - 10.
The default is 3.
Request Timeout Specify the time from 1 - 60 seconds for the access point’s re-transmission of request
packets. If this time is exceeded, the authentication session is terminated. The default is
3 seconds.
Retry Timeout Factor Specify the time from 50 - 200 seconds between retry timeouts for the access points’s re-
transmission of request packets. The default is 100.
DSCP Specify the DSCP value as a 6-bit parameter in the header of every IP packet used for
packet classification. The valid range is from 0 - 63, with a default value of 46.
NAI Routing Enable Select this check box to enable NAI routing. AAA servers identify clients using the NAI.
The NAI is a character string in the format of an E-mail address as either user or user@
but it need not be a valid E-mail address or a fully qualified domain name. NAI can be used
either in a specific or generic form. The specific form, which must contain the user portion
and may contain the @ portion, identifies a single user. Each user still needs a unique
security association, but these associations can be stored on a AAA server. The original
purpose of NAI was to support roaming between dialup ISPs. Using NAI, each ISP need
not have all the accounts for all of its roaming partners in a single RADIUS database.
RADIUS servers can proxy requests to remote servers for each user credential.
Realm Enter the realm name in the field. The name cannot exceed 64 characters. When the
access point RADIUS server receives a request for a user name the server references a
table of user names. If the user name is known, the server proxies the request to the
RADIUS server.
Realm Type Specify the type of realm that is being used, either Prefix or Suffix.
To Next Page
Loading...
