3com WX1200 3CRWX120695A User Manual
Network User Configuration Scenarios
515
3 To assign Natasha to a VLAN named red, type the following command:
WX1200# set user Natasha attr vlan-name red
4 To assign Natasha a session timeout value of 1200 seconds, type the
following command:
WX1200# set user Natasha attr session-timeout 1200
5 Save the configuration:
WX1200# save config
success: configuration saved.
success: configuration saved.
Enabling
PEAP-MS-CHAP-V2
Offload
The following example illustrates how to enable PEAP-MS-CHAP-V2
offload. In this example, all EAP processing is offloaded from the RADIUS
server, but MS-CHAP-V2 authentication and authorization are done via a
RADIUS server. The MS-CHAP-V2 lookup matches users against the user
list on a RADIUS server.
offload. In this example, all EAP processing is offloaded from the RADIUS
server, but MS-CHAP-V2 authentication and authorization are done via a
RADIUS server. The MS-CHAP-V2 lookup matches users against the user
list on a RADIUS server.
1 Configure the RADIUS server r1 at IP address 10.1.1.1 with the string
starry for the key. Type the following command:
WX1200# set radius server r1 address 10.1.1.1 key starry
2 Configure the server group sg1 with member r1. Type the following
command:
WX1200# set server group sg1 members r1
3 Enable all 802.1X users of SSID thiscorp using PEAP-MS-CHAP-V2 to
authenticate MS-CHAP-V2 on server group sg1. Type the following
command:
command:
WX1200# set authentication dot1x ssid thiscorp *
peap-mschapv2 sg1
peap-mschapv2 sg1
4 Save the configuration:
WX1200 save config
success: configuration saved.
success: configuration saved.