3com WX1200 3CRWX120695A Manuel D’Utilisation

Configuring Web Portal WebAAA

467

Configuring Web

Portal WebAAA

To configure Web Portal WebAAA:

1 Configure an SSID or wired authentication port and set the fallthru

authentication type to web-portal. The default for SSIDs and for wired
authentication ports is none.

2 Configure individual WebAAA users. Because the VLAN is assigned based

on the service profile (where it is set by the attr vlan-name vlan-id
option) or web-portal-wired user (where it is set to default), MSS
ignores the VLAN-Name and Tunnel-Private-Group-ID attributes.
However, MSS does assign other attributes if set.

3 Configure web authentication rules for the WebAAA users.

4 Save the configuration changes.

Web Portal WebAAA Configuration Example

This example configures Web-Portal access to SSID mycorp.

1 Configure the user VLAN on ports 2 and 3, and configure an IP interface

on the VLAN:

WX1200# set vlan mycorp-vlan port 2-3
success: change accepted.
WX1200# set interface mycorp-vlan ip 192.168.12.10
255.255.255.0
success: change accepted.

The VLAN does not need to be configured on the switch where you
configure Web Portal but the VLAN does need to be configured on a
switch somewhere in the Mobility Domain. The user’s traffic will be
tunneled to the switch where the VLAN is configured.

2 Configure the service profile for SSID mycorp. Configuration includes the

following:

Set the SSID name.

Change the fallthru authentication type to web-portal.

Set the default VLAN to mycorp-vlan (created in step 1.) MSS will
place Web-Portal users into this VLAN.

Enable RSN (WPA2) data encryption with CCMP. (This example
assumes clients support this encryption type.) TKIP is enabled by
default and is left enabled in this example.

WX1200# set service-profile mycorp-srvcprof ssid-name mycorp
success: change accepted.