3Com Wireless LAN WX1200 User Manual
Page 240
240
C
HAPTER
8: AAA C
OMMANDS
Usage — You can configure different authentication methods for
different groups of MAC addresses by “globbing.” (For details, see “User
Globs, MAC Address Globs, and VLAN Globs” on page 26.)
If you specify multiple authentication methods in the set authentication
mac command, MSS applies them in the order in which they appear in
the command, with these results:
If the first method responds with pass or fail, the evaluation is final.
If the first method does not respond, MSS tries the second method, and so on.
However, if local appears first, followed by a RADIUS server group, MSS
ignores any failed searches in the local WX database and sends an
authentication request to the RADIUS server group.
If the switch’s configuration contains a set authentication mac
command that matches the SSID the user is attempting to access and the
user’s MAC address, MSS uses the method specified by the command.
Otherwise, MSS uses local MAC authentication by default.
If the username does not match an authentication rule for the SSID the
user is attempting to access, MSS uses the fallthru authentication type
configured for the SSID, which can be last-resort, web (for WebAAA),
or none.
Examples — To use the local WX database to authenticate all users who
access the mycorp2 SSID by their MAC address, type the following
command:
WX4400# set authentication ssid mycorp2 mac ** local
success: change accepted.
See Also
clear authentication mac on page 208
set authentication admin on page 229
set authentication console on page 231
set authentication dot1x on page 233
set authentication last-resort on page 236