beautypg.com

Ap-2500 authentication methods – Proxim ORiNOCO AP-2500 User Manual

Page 54

background image

54

AP-2500 Authentication Methods

16. Return to the Internet Authentication Services window and right-click the Remote Access Policies

entry in the navigation tree.

17. Select New Remote Access Policy from the drop-down menu.
18. Enter a Policy friendly name in the field provided and click Next.
19. Click Add.
20. Select Windows-Groups from the list and click Add.
21. Click Add again to view the list of groups.
22. Select the group that contains your AP’s subscribers and click Add.
23. Click OK twice and click Next.
24. Select Grant remote access permission and click Next.
25. Click Edit Profile and select the Authentication tab.
26. Select Unencrypted Authentication (PAP, SPAP) as the authentication method and click OK.
27. Click Finish.

4. The AP-2500 supports four Vendor-Specific Attributes (VSAs) designed by Nomadix, Inc. Configure the following

VSAs, if desired:

NOTE

See

RADIUS Messages and RADIUS Attributes

for the list of all supported RADIUS attributes.

Nomadix-Bw-Up (attribute number: 1; format: integer/decimal; attribute value: enter upstream bandwidth)
— This attribute value (in Kbps) restricts the speed at which subscriber uploads are performed.

Nomadix-Bw-Down (attribute number: 2; format: integer/decimal; attribute value: enter downstream
bandwidth)
— This attribute value (in Kbps) restricts the speed at which subscriber downloads are performed.

Nomadix-URL-Redirection (attribute number: 3; format: string; attribute value: enter redirection URL)
— This attribute allows the administrator to redirect the user to a page of the administrator's choice after

every successful login.

— Enter the redirection URL in the following format: http://www.myhotspot.com/

Nomadix-IP-Upsell (attribute number: 4; format: integer/decimal; attribute value: enter 1 to enable)
— This attribute allows the user to receive a public address from a DHCP pool (typically relay DHCP server)

when the AP has the IP-Upsell feature enabled.

The following steps describe how to configure the VSAs if using IAS:

NOTE

With Windows 2000 IAS, you configure RADIUS attributes based on Remote Access Policies. In other words,
you must apply the same attributes to all Group members identified by a particular policy. Other RADIUS
applications allow you to assign attributes on a per-user basis.

1.

Click Start > Programs > Administrative Tools > Internet Authentication Services.

2.

Click the Remote Access Policies entry in the navigation tree.

3.

Right-click the policy for which you want to enable one or more VSAs and choose Properties.

4.

Click Edit Profile... > Advanced and click Add.

5.

Select Vendor Specific and click Add.

6.

Click Add and select Enter Vendor Code.

7.

Enter 3309 in the Vendor code: field and select Yes, it conforms.

8.

Click Configure Attribute and enter the Vendor-assigned attribute number, Attribute format (string or
decimal) and the Attribute value (see above to determine what settings to use).

9.

Click OK twice.

10. Enter additional VSAs or click OK to continue.
11. Click Close.
12. Click OK twice.