3Com WX4400 3CRWX440095A User Manual

Configuring AAA for Users of Third-Party APs

485

„

Configure a MAC authentication rule for the AP. Use the following
command:

set authentication mac wired mac-addr-glob method1

„

Configure the WX port connected to the AP as a RADIUS proxy for the
SSID supported by the AP. If SSID traffic from the AP is tagged, assign
the same tag value to the WX port. Use the following command:

set radius proxy port port-list [tag tag-value] ssid
ssid-name

„

Add a RADIUS proxy entry for the AP. The proxy entry specifies the IP
address of the AP and the UDP ports on which the WX switch listens
for RADIUS access-requests and stop-accounting records from the AP.
Use the following command:

set radius proxy client address ip-address [port
udp-port-number] [acct-port acct-udp-port-number] key string

„

Configure a proxy authentication rule for the AP’s users. Use the
following command:

set authentication proxy ssid ssid-name user-glob
radius-server-group

For the port-list of the set port type wired-auth and set radius proxy
port commands, specify the WX port(s) connected to the third-party AP.

For the ip-address of the set radius proxy client address command,
specify the IP address of the RADIUS client (the third-party AP). For the
udp-port-number, specify the UDP port on which the WX switch will
listen for RADIUS access-requests. The default is UDP port 1812. For the
acct-udp-port-number, specify the UDP port on which the WX switch will
listen for RADIUS stop-accounting records. The default is UDP port 1813.

The following command configures WX ports 3 and 4 as wired
authentication ports, and assigns tag value 104 to the ports:

WX4400# set port type wired-auth 3-4 tag 104
success: change accepted.

You can specify multiple tag values. Specify the tag value for each SSID
you plan to support.