Nortel 2350 用户指南
Configuring AAA for network users 517
Nortel WLAN—Security Switch 2300 Series Configuration Guide
Authentication process for users of a third-party AP
1
WSS Software uses MAC authentication to authenticate the AP.
2
The user contacts the AP and negotiates the authentication protocol to be used.
3
The AP, acting as a RADIUS client, sends a RADIUS access-request to the WSS. The
access-request includes the SSID, the user’s MAC address, and the username.
access-request includes the SSID, the user’s MAC address, and the username.
4
For 802.1X users, the AP uses 802.1X to authenticate the user, using the WSS as its RADIUS
server. The WSS proxies RADIUS requests from the AP to a real RADIUS server, depending
on the authentication method specified in the proxy authentication rule for the user.
server. The WSS proxies RADIUS requests from the AP to a real RADIUS server, depending
on the authentication method specified in the proxy authentication rule for the user.
5
After successful RADIUS authentication of the user (or special username, for non-802.1X
users), WSS Software assigns authorization attributes to the user from the RADIUS server’s
access-accept response.
users), WSS Software assigns authorization attributes to the user from the RADIUS server’s
access-accept response.
6
When the user’s session ends, the third-party AP sends a RADIUS stop-accounting record to
the WSS. The WSS then removes the session.
the WSS. The WSS then removes the session.