3com DUA1550-0AAA02 Manuale Utente

HAPTER

1: I

NTRODUCTION

Authorization

Once a user has successfully authenticated, the authorization process
determines which VLANs and QoS to return to the switch, as follows:

1 From the authentication rule selected, if any VLAN has been specified,

return the VLAN ID in the RADIUS response.

2 From the authentication rule selected, if a QoS profile has been specified,

return the QoS Profile ID in the RADIUS response.

Devices Supported

The following 3Com devices are supported by 3Com Network Access
Manager v1.1:

Ensure that the configurations of the devices on your network are
consistent with the security policy to be set up using 3Com Network
Access Manager.

Configuring Edge

Port Security

If VLANs are to be configured in 3Com Network Access Manager then
edge ports on switches across the network need to be set to a security
mode that supports auto-VLANS. If VLANs are not to be set up in 3Com
Network Access Manager, then the devices do not need to support
auto-VLANs.

In addition, the edge ports on switches must be set to consistent modes,
otherwise the same RADIUS response will yield different actions on
different ports. For example, RADA And Network Login only allows user
login if the RADIUS server returns Accept. RADA-Else-Network Login only
allows user login if the RADIUS server returns Reject.

Table 3 3Com Devices Supported By 3Com Network Access Manager

Device Type

Minimum Agent Version or
other requirement

SuperStack3 Switch 4400

v5.0

SuperStack3 Switch 4400 SE

v5.0

SuperStack4 Switch 5500

v1.0

Wireless LAN Access Point 8250

v3.2 supporting RADIUS and VSA

Wireless LAN Access Point 8750

v3.2 supporting RADIUS and VSA

Wireless LAN Access Point 7250

v3.2 supporting RADIUS and VSA