Creating an exclude list, Configuring the wlan for nac – Brocade Mobility RFS7000-GR Controller System Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual

Page 163

Advertising

background image

Brocade Mobility RFS7000-GR Controller System Reference Guide

149

53-1001944-01

Viewing and configuring switch WLANs

4

2. Add a host entry to the include list. This adds a specified MAC entry/MAC range into the client’s

include list.

RF Switch(config-wireless-client-list) #station pc1 AA:BB:CC:DD:EE:FF

RF Switch(config-wireless-client-list) #

3. Associate the include list to a WLAN. This adds the client’s include list into the WLAN.

RF Switch(config-wireless-client-list) #wlan 1

RF Switch(config-wireless-client-list) #

Creating an exclude list

To create a NAC Exclude List:

1. Define the NAC include list.

RF Switch(config-wireless) #client exclude-list Desktop

RF Switch(config-wireless-client-list) #

2. Add a host entry into the exclude list.

RF Switch(config-wireless-client-list) #station pc10 AB:BC:CD:DE:EF:FA

RF Switch(config-wireless-client-list) #

3. Associate the exclude list to a WLAN.

RF Switch(config-wireless-client-list) #wlan 1

RF Switch(config-wireless-client-list) #

Configuring the WLAN for NAC

Many handheld devices are required to bypass NAC and a few laptops and desktops are required
to be NAC validated.

1. Set the NAC mode for WLAN. A NAC validation is conducted for station entries in the include

list. The station entries are authenticated using the RADIUS server.

RF Switch(config-wireless) #wlan 1 nac-mode bypass-nac-except-include-list

RF Switch (config-wireless) #

2. Configure the WLAN’s NAC server settings.

a. Configure the NAC Server’s IP address.

RF Switch(config-wireless) #wlan 1 nac-server primary 192.168.1.10

RF Switch(config-wireless) #

b. Configure the NAC Server’s RADIUS Key.

RF Switch(config-wireless) #wlan 1 nac-server primary RADIUS-key my-secret

RF Switch(config-wireless) #

NOTE

Configure the secondary NAC server for redundancy.

c. Configure the secondary NAC server’s IP address.

RF Switch(config-wireless) #wlan 1 nac-server secondary 192.168.1.20

RF Switch(config-wireless) #

d. Configure the secondary NAC Server’s RADIUS Key.

RF Switch(config-wireless) #wlan 1 nac-server secondary RADIUS-key my secret-2

RF Switch(config-wireless) #

Advertising

Popular Brands

Popular manuals