3com DUA1550-0AAA02 Manuel D’Utilisation
Concepts and Terminology
15
systems. As a RADIUS server, IAS performs centralized connection
authentication, authorization, and accounting for network access servers
(desktop switches and wireless access points acting as radius clients), see
Figure 2.
authentication, authorization, and accounting for network access servers
(desktop switches and wireless access points acting as radius clients), see
Figure 2.
Remote Access Policy
For 3Com Network Access Manager to authenticate users and computers
accessing the network, an IAS Remote Access Policy must be created.
Appendix A provides step by step instructions on how to create a Remote
Access Policy.
accessing the network, an IAS Remote Access Policy must be created.
Appendix A provides step by step instructions on how to create a Remote
Access Policy.
In a mixed-vendor network where only 3Com switches are to be
authenticated through 3Com Network Access Manager, the Remote
Access Policy needs to be adjusted to only match 3Com devices.
authenticated through 3Com Network Access Manager, the Remote
Access Policy needs to be adjusted to only match 3Com devices.
Figure 2 Network Access Servers within a Domain
Rules
3Com Network Access Manager provides its functionality through a set
of rules implemented in Active Directory. Each rule comprises a priority, a
Network Access setting (allow/deny), an optional authorization response
(VLAN and QoS), and an optional EFW policy name.
of rules implemented in Active Directory. Each rule comprises a priority, a
Network Access setting (allow/deny), an optional authorization response
(VLAN and QoS), and an optional EFW policy name.
Users, groups and computers (through the MAC address of the PC) are
associated with rules. When multiple rules are associated with a user,
group or computer then the rule with the highest priority takes
precedence.
associated with rules. When multiple rules are associated with a user,
group or computer then the rule with the highest priority takes
precedence.
Microsoft
Active Directory
Active Directory
Microsoft
Active Directory
Active Directory
Microsoft
Internet
Authentication
Service with
3Com Network
Access Manager
Internet
Authentication
Service with
3Com Network
Access Manager
Microsoft
Internet
Authentication
Service with
3Com Network
Access Manager
Internet
Authentication
Service with
3Com Network
Access Manager
SuperStack3 Switch 4400
SuperStack4 Switch 5500
Wireless LAN Access Points
RADIUS protocol
with VLAN and
QoS associations
with VLAN and
QoS associations
RADIUS protocol
with VLAN and
QoS associations
with VLAN and
QoS associations
Network Access
Servers
Servers