To configure the radius server – 3Com Wireless LAN Controller WX2200 User Manual

60

C

HAPTER

3: C

ONFIGURING

W

IRELESS

S

ERVICES

Configure Attributes on the RADIUS Server

To authenticate users,

you will need to configure users either in the local database or on RADIUS
servers. To configure services for Employee access, the following items
should be configured on the RADIUS server.

To configure the RADIUS server

1 Configure RADIUS server to perform 802.1X using the recommended

EAP method PEAP + MSCHAPV2.

2 Setup each WX switch as a RADIUS client.

3 Define any desired 3Com vendor-specific attributes (VSAs) in the RADIUS

server’s dictionary.

The vendor-specific attributes (VSAs) created by 3Com are embedded
according to the procedure recommended in RFC 2865, with Vendor-ID
set to 14525. Table 10 describes the 3Com VSAs, listed in order by
vendor type number.

Table 10 3Com VSAs

Attribute

Type

Rcv in
Access
Resp?

Sent in
Access
Reqst?

Sent in
Acct
Reqst?

Description

VLAN-Name

26, 43, 2

Yes

No

Yes

Name of the VLAN to
which the client belongs.

Mobility-
Profile

26, 43, 3

Yes

No

No

Name of the Mobility
Profile used by the
authorized client.

Encryption-
Type

26, 43, 4

Yes

No

No

Type of encryption used
to authenticate the client.

Time-Of-Day

26, 43, 5

Yes

No

No

Day(s) and time(s) during
which a user can log into
the network.

SSID

26, 43, 6

Yes

No

Yes

Name of the SSID you
want the user to use. The
SSID must be configured
in a service profile, and
the service profile must be
used by a radio profile
assigned to 3Com radios
in the Mobility Domain.