Vivato Inc. VLJ24WFSW ユーザーズマニュアル
Vivato 2.4 GHz Wi-Fi Switch User Guide
121
Command Line Interface
Enable Level Command Descriptions
The administrator may configure: (a) Key refresh and session timeout. (b) Key refresh only. (c)
Session timeout only. If Key Refresh Timeout >= Session Timeout, the Key Refresh Timeout is
ignored.
Session timeout only. If Key Refresh Timeout >= Session Timeout, the Key Refresh Timeout is
ignored.
(4) VLAN Configuration - Set by Profile>Advanced:
1
•
Tunnel-Medium-Type: value = 6, (802 media)
•
Tunnel-Type: value = 13, (VLAN)
•
Tunnel-Private-Group-ID: value = ASCII coded VLAN ID (a string without a null terminator).
This is the VLAN in the Wi-Fi Switch that clients are assigned to after authentication.
This is the VLAN in the Wi-Fi Switch that clients are assigned to after authentication.
After a client is authenticated, if its VLAN is configured, the client MAC address is added to the
configured VLAN by the Wi-Fi Switch. If there is no VLAN configuration for the client, then:
configured VLAN by the Wi-Fi Switch. If there is no VLAN configuration for the client, then:
•
(a) if there is default VLAN configured on the Wi-Fi Switch, then the client is added to
default VLAN, if not...
default VLAN, if not...
•
(b) the client data packets are dropped by the switch.
If item 1 is changed on the Windows 2000 IAS, then the Wi-Fi Switch needs to be rebooted in order
to force all clients to re-authenticate using the new policy. Items 2, 3, and 4 can be changed and
applied to the next authenticated client without system reboot.
to force all clients to re-authenticate using the new policy. Items 2, 3, and 4 can be changed and
applied to the next authenticated client without system reboot.
Wi-Fi Switch EAP Configuration Example
The following example shows how EAP may be configured on the Wi-Fi Switch to work with
Windows 2000 IAS:
Windows 2000 IAS:
Note:
When making changes to an existing EAP configuration, you should disable EAP
before making the changes, and then re-enable EAP after making the changes to
re-initialize EAP using the new configuration.
before making the changes, and then re-enable EAP after making the changes to
re-initialize EAP using the new configuration.
eap
Enable the EAP security daemon. This command must be issued before EAP can be used, and
re-issued after making any changes to the EAP configuration. The default EAP state is disabled.
re-issued after making any changes to the EAP configuration. The default EAP state is disabled.
1. These tunneling attributes must be set regardless of the type of RADIUS server you are using.
vivato (config)$
no
eap
vivato (config)$
eap server 1 191.173.0.149 1812 3 5
vivato (config)$
eap secret 1 authserveronesecretforpeap
vivato (config)$
eap max-auth-error 3
vivato (config)$
eap max-encrypt-error 3
vivato (config)$
eap auth-threshold 20
vivato (config)$
eap encrypt-threshold 5
vivato (config)$
eap ifname interface bridge 0
vivato (config)$
eap nas myauthclient
vivato (config)$
eap conn-info CONNECT_11Mbps_802.11b
vivato (config)$
eap