Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 362

Advertising
background image

350

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

7

FIGURE 4

AAA Policy - RADIUS Authentication screen

4. Refer to the following AAA authentication policy data.

Server ID

Displays the numerical server index (1-6) for the accounting server when added to the list available.

Host

Displays the IP address or hostname of the RADIUS authentication server.

Port

Displays the port on which the RADIUS server listens to traffic within the network. The port range is
1 to 65,535. The default port is 1812.

Server Type

Displays the type of AAA server in use either Host, onboard-self, or onboard-controller.

Request Proxy Mode

Displays whether a request is transmitted directly through the server or proxied through the Access
Point or RF Domain manager.

Request Attempts

Displays the number of attempts a client can retransmit a missed frame to the RADIUS server
before it times out of the authentication session. The available range is between 1 and 10
attempts. The default is 3 attempts.

Request Timeout

Displays the time (from 1 - 60) seconds for the re-transmission of request packets. The default is 3
seconds. If this time is exceeded, the authentication session is terminated.

DSCP

Displays the DSCP value as a 6-bit parameter in the header of every IP packet used for packet
classification. The valid range is from 0 - 63 with a default of 46.

NAI Routing Enable

Displays NAI routing status. AAA servers identify clients using the NAI. The NAI is a character string
in the format of an e-mail address as either user or user@ but it need not be a valid e-mail address
or a fully qualified domain name. The NAI can be used either in a specific or generic form. The
specific form, which must contain the user portion and may contain the @ portion, identifies a
single user. The generic form allows all users in a given or without a to be configured on a single
command line. Each user still needs a unique security association, but these associations can be
stored on a AAA server. The original purpose of the NAI was to support roaming between dialup
ISPs. Using NAI, each ISP need not have all the accounts for all of its roaming partners in a single
RADIUS database. RADIUS servers can proxy requests to remote servers for each.

NAC Enable

A green check defines NAC as enabled, while a Red X defines NAC disabled with this AAA policy.

Advertising
Popular Brands
Popular manuals