Set location policy – 3Com WXR100 3CRWXR10095A User Manual
Page 304
304
C
HAPTER
8: AAA C
OMMANDS
Examples — The following command configures a WebAAA rule in the
local WX database for SSID ourcorp and userglob rnd*:
WX4400# set authentication web ssid ourcorp rnd* local
success: change accepted.
See Also
clear authentication proxy on page 266
set authentication admin on page 287
set authentication console on page 289
set authentication dot1x on page 291
set authentication mac on page 295
set location policy
Creates and enables a location policy on a WX. The location policy
enables you to locally set or change authorization attributes for a user
after the user is authorized by AAA, without making changes to the AAA
server.
Syntax —
set location policy deny
if {ssid operator ssid-name
| vlan operator vlan-glob | user operator user-glob | port
port-list | ap ap-num} [before rule-number | modify
rule-number ]
Syntax —
set location policy permit
{vlan vlan-name | inacl inacl-name | outacl outacl-name}
if
{ssid operator ssid-name | vlan operator vlan-glob | user
operator user-glob | port port-list | ap ap-num}
[before rule-number | modify rule-number]
deny
— Denies access to the network to users with attributes that
match the location policy rule.
permit
— Allows access to the network or to a specified VLAN,
and/or assigns a particular security ACL to users with attributes
matching match the location policy rule.
Action options
— For a permit rule, MSS changes the attributes
assigned to the user to the values specified by the following options:
vlan
vlan-name
— Name of an existing VLAN to assign to users with
attributes matching the location policy rule.