Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 854
Brocade Mobility RFS Controller CLI Reference Guide
841
53-1003098-01
8
accounting server <1-6> nai-routing realm-type [prefix|suffix] realm
<REALM-NAME> {strip}
authentication server <1-6> onboard [controller|self]
authentication server <1-6> proxy-mode
[none|through-controller|through-mint-host <HOSTNAME/MINT-ID>|
through-rf-domain-manager]
server <1-6>
Configures a RADIUS authentication server. Up to 6 RADIUS servers can be configured.
•
<1-6> – Specifies the RADIUS server index from 1 - 6.
nai-routing
Enables NAI routing. When enabled, AAA servers identify clients using NAI.
The NAI is a character string in the format of an e-mail address as either user or user@ but it need not be a
valid e-mail address or a fully qualified domain name. The NAI can be used either in a specific or generic
form. The specific form, which must contain the user portion and may contain the @ portion, identifies a
single user. The generic form allows all users in a given or without a to be configured on a single command
line. Each user still needs a unique security association, but these associations can be stored on a AAA
server. The original purpose of the NAI was to support roaming between dial up ISPs. Using NAI, each ISP
need not have all the accounts for all of its roaming partners in a single RADIUS database. RADIUS servers
can proxy requests to remote servers for each.
realm-type [prefix|suffix]
Configures the realm-type used for NAI authentication
•
prefix – Sets the realm prefix. For example, in the realm name ‘AC\JohnTalbot’, the prefix is ‘AC’ and
the user name ‘JohnTalbot’.
•
suffix – Sets the realm suffix. For example, in the realm name ‘[email protected]’ the suffix is
‘AC.org’ and the user name is ‘JohnTalbot’.
realm
<REALM-NAME>
Sets the realm information used for RADIUS authentication. The realm name should not exceed 50
characters. When the wireless controller or access point’s RADIUS server receives a request for a user
name the server references a table of usernames. If the user name is known, the server proxies the request
to the RADIUS server.
•
<REALM-NAME> – Sets the realm used for authentication. This value is matched against the user
name provided for RADIUS authentication.
Example:
Prefix - AC\JohnTalbot
Suffix - [email protected]
strip
Optional. Indicates the realm name must be stripped from the user name before sending it to the RADIUS
server for authentication. For example, if the complete username is ‘AC\JohnTalbot’, then with the strip
parameter enabled, only the ‘JohnTalbot’ part of the complete username is sent for authentication.
server <1-6>
Configures a RADIUS authentication server. Up to 6 RADIUS servers can be configured.
•
<1-6> – Specify the RADIUS server index from 1 - 6.
onboard [controller|self]
Selects the onboard RADIUS server for authentication instead of an external host
•
controller – Configures the wireless controller, to which the AP is adopted, as the onboard wireless
controller
•
self – Configures the onboard server on the device (AP or wireless controller) where the client is
associated as the onboard wireless controller
server <1-6>
Configures a RADIUS authentication server. Up to 6 RADIUS servers can be configured.
•
<1-6> – Sets the RADIUS server index between 1 - 6
proxy-mode
[none|
through-controller|
through-mint-host
<HOSTNAME/MINT-ID>|
through-rf-domain-manager
]
Configures the mode for proxying a request
•
none – Proxying is not done. The packets are sent directly using the IP address of the device.
•
through-controller – Traffic is proxied through the wireless controller configuring this device
•
through-mint-host <HOSTNAME/MINT-ID> – Traffic is proxied through a neighboring MiNT device.
Provide the device’s hostname or MiNT ID.
•
through-rf-domain-manager – Traffic is proxied through the local RF Domain manager