Configuring web portal webaaa, Web portal webaaa configuration example – 3Com WX4400 3CRWX440095A User Manual

Configuring Web Portal WebAAA

467

Configuring Web

Portal WebAAA

To configure Web Portal WebAAA:

1 Configure an SSID or wired authentication port and set the fallthru

authentication type to web-portal. The default for SSIDs and for wired
authentication ports is none.

2 Configure individual WebAAA users. Because the VLAN is assigned based

on the service profile (where it is set by the attr vlan-name vlan-id
option) or web-portal-wired user (where it is set to default), MSS
ignores the VLAN-Name and Tunnel-Private-Group-ID attributes.
However, MSS does assign other attributes if set.

3 Configure web authentication rules for the WebAAA users.

4 Save the configuration changes.

Web Portal WebAAA Configuration Example

This example configures Web-Portal access to SSID mycorp.

1 Configure the user VLAN on ports 2 and 3, and configure an IP interface

on the VLAN:

WX1200# set vlan mycorp-vlan port 2-3
success: change accepted.
WX1200# set interface mycorp-vlan ip 192.168.12.10
255.255.255.0
success: change accepted.

The VLAN does not need to be configured on the switch where you
configure Web Portal but the VLAN does need to be configured on a
switch somewhere in the Mobility Domain. The user’s traffic will be
tunneled to the switch where the VLAN is configured.

2 Configure the service profile for SSID mycorp. Configuration includes the

following:

„

Set the SSID name.

„

Change the fallthru authentication type to web-portal.

„

Set the default VLAN to mycorp-vlan (created in step 1.) MSS will
place Web-Portal users into this VLAN.

„

Enable RSN (WPA2) data encryption with CCMP. (This example
assumes clients support this encryption type.) TKIP is enabled by
default and is left enabled in this example.

WX1200# set service-profile mycorp-srvcprof ssid-name mycorp
success: change accepted.