beautypg.com

Enabling peap-ms-chap-v2 offload – 3Com WX4400 3CRWX440095A User Manual

Page 515

background image

Network User Configuration Scenarios

515

3 To assign Natasha to a VLAN named red, type the following command:

WX1200# set user Natasha attr vlan-name red

4 To assign Natasha a session timeout value of 1200 seconds, type the

following command:

WX1200# set user Natasha attr session-timeout 1200

5 Save the configuration:

WX1200# save config
success: configuration saved.

Enabling

PEAP-MS-CHAP-V2

Offload

The following example illustrates how to enable PEAP-MS-CHAP-V2
offload. In this example, all EAP processing is offloaded from the RADIUS
server, but MS-CHAP-V2 authentication and authorization are done via a
RADIUS server. The MS-CHAP-V2 lookup matches users against the user
list on a RADIUS server.

1 Configure the RADIUS server r1 at IP address 10.1.1.1 with the string

starry for the key. Type the following command:

WX1200# set radius server r1 address 10.1.1.1 key starry

2 Configure the server group sg1 with member r1. Type the following

command:

WX1200# set server group sg1 members r1

3 Enable all 802.1X users of SSID thiscorp using PEAP-MS-CHAP-V2 to

authenticate MS-CHAP-V2 on server group sg1. Type the following
command:

WX1200# set authentication dot1x ssid thiscorp *
peap-mschapv2 sg1

4 Save the configuration:

WX1200 save config
success: configuration saved.

See also other documents in the category 3Com Computer Accessories: