Cisco 5520 Wireless Controller Technical Manual

2. Configure the WLC.
3. Configure the Wireless Client Utility.
Configure the RADIUS Server
The RADIUS server configuration is divided into four steps:
1. Configure network resources.
2. Configure users.
3. Define policy elements.
4. Apply access policies.
ACS 5.x is a policy-based access control system. That is, ACS 5.x uses a rule-based policy model instead of the group-based model used in the 4.x versions.
The ACS 5.x rule-based policy model provides more powerful and flexible access control compared to the older group-based approach.
In the older group-based model, a group defines policy because it contains and ties together three types of information:
• Identity information - This information can be based on membership in AD or LDAP groups or a static assignment for internal ACS users.
• Other restrictions or conditions - Time restrictions, device restrictions, and so on.
• Permissions - VLANs or Cisco IOS® privilege levels.
The ACS 5.x policy model is based on rules of the form:
• If condition then result
For example, we use the information described for the group-based model:
• If identity-condition, restriction-condition then authorization-profile.
This gives us the flexibility to limit the conditions under which a user is allowed to access the network, as well as the authorization level that is granted when specific conditions are met.
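The rule form above, modelled as an added example (not ACS code and not part of the original manual): the same identity group receives different authorization profiles depending on the restriction conditions, which a single group-to-permission binding cannot express. All rule names, groups, locations and profile names are constructed, and the top-down first-match evaluation with a default deny is an assumption of this model.

```python
from dataclasses import dataclass
from datetime import time
from typing import Callable, List, Tuple

@dataclass(frozen=True)
class Request:
    identity_group: str   # AD/LDAP group or internal ACS identity group
    location: str         # location group of the AAA client (e.g. the WLC)
    at: time              # time of the access attempt

Condition = Callable[[Request], bool]

@dataclass(frozen=True)
class Rule:
    name: str
    identity: Condition      # identity-condition
    restriction: Condition   # restriction-condition
    profile: str             # authorization-profile (the result)

def in_group(group: str) -> Condition:
    return lambda r: r.identity_group == group

def at_location(loc: str) -> Condition:
    return lambda r: r.location == loc

def between(start: time, end: time) -> Condition:
    return lambda r: start <= r.at <= end

def all_of(*conds: Condition) -> Condition:
    return lambda r: all(c(r) for c in conds)

# Constructed rule table: names, groups, locations and profiles are illustrative.
RULES: List[Rule] = [
    Rule("staff-office-hours", in_group("Staff"),
         all_of(at_location("HQ"), between(time(8), time(18))), "VLAN-Staff"),
    Rule("staff-after-hours", in_group("Staff"),
         at_location("HQ"), "VLAN-Restricted"),
    Rule("contractors", in_group("Contractors"),
         all_of(at_location("HQ"), between(time(9), time(17))), "VLAN-Guest"),
]

def authorize(rules: List[Rule], req: Request) -> Tuple[str, str]:
    """Return (rule name, profile) of the first matching rule.

    Assumption of this model: rules are checked top-down and a request
    that matches no rule falls through to a default deny.
    """
    for rule in rules:
        if rule.identity(req) and rule.restriction(req):
            return rule.name, rule.profile
    return "default", "deny"
```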
Configure Network Resources
In this section, we configure the AAA Client for the WLC on the RADIUS Server.
This procedure explains how to add the WLC as a AAA client on the RADIUS server so that the WLC can
pass the user credentials to the RADIUS server.
Complete these steps:
1. From the ACS GUI, go to Network Resources > Network Device Groups > Location, and click Create (at the bottom).