Roles and Policies
15.4 Configuring Derivation Rules
SCALANCE W1750D UI
Configuration Manual, 02/2018, C79000-G8976-C451-02
271
For example, to create a role assignment rule with the DHCP option, select
from the
drop- down list and enter 370103060F77FC in the
text box. Since
370103060F77FC is the fingerprint for Apple iOS devices such as iPad and iPhone, AP
assigns Apple iOS devices to the role that you choose.
Android Option 60 3C64686370636420342E302E3
Windows 7/Vista Desktop Option 55 37010f03062c2e2f1f2179f92b
Windows XP (SP3, Home, Pro-
Option 55 37010f03062c2e2f1f21f92b
Windows Mobile Option 60 3c4d6963726f736f66742057696
Creating a Role Derivation Rule
You can configure rules for determining the role that is assigned for each authenticated
client.
Note
When creating more than one role assignment rule, the first matching rule in the rule list is
applied.
You can create a role assignment rule by using the SCALANCE W UI or the CLI.
1. Navigate to the WLAN wizard or the Wired settings window:
–
To configure access rules for a WLAN SSID, in the
tab, click
to create a
new network profile or
to modify an existing profile.
– To configure access rules for a wired profile, go to
. In the
window, click
under
to create a new network or click
to
select an existing profile.
2. Click the
tab.
3. Under
, click
. The
window allows you
to define a match method by which the string in
Operand
is matched with the attribute
value returned by the authentication server.
4. Select the attribute that matches with the rule from the
drop-down list. The list of
supported attributes includes RADIUS attributes, dhcp-option, dot1x-authentication-type,
mac-address, and mac- address-and-dhcp-options. For information on a list of RADIUS
attributes, see
RADIUS Server Authentication with VSA (Page 209).
To Next Page
Loading...
