3Com WX4400 3CRWX440095A User Manual

520

C

HAPTER

22: C

ONFIGURING

C

OMMUNICATION

WITH

RADIUS

Figure 33 Wireless Client, MAP, WX Switch, and RADIUS Servers

In the example shown in Figure 33, the following events occur:

1 The wireless user (client) requests an IEEE 802.11 association from the

MAP.

2 After the MAP creates the association, the WX switch sends an Extensible

Authentication Protocol (EAP) identity request to the client.

3 The client sends an EAP identity response.

4 From the EAP response, the WX switch gets the client’s username. The

WX switch then searches its AAA configuration, attempting to match the
client's username against the user globs in the AAA configuration.

When a match is found, the methods specified by the matching AAA
command in the WX configuration file indicate how the client is to be
authenticated, either locally on the WX switch, or via a RADIUS server
group.

5 If the client does not support 802.1X, MSS attempts to perform MAC

authentication for the client instead. In this case, if the switch’s
configuration contains a set authentication mac command that
matches the client’s MAC address, MSS uses the method specified by the
command. Otherwise, MSS uses local MAC authentication by default.

(For information about MAC client authentication, see “Configuring
MAC Authentication and Authorization” on page 457.)

WX switch

with local
database

Wireless
connection

Wired
connection(s)

RADIUS Server 1

RADIUS Server 2

1

3

2

4

Client (with laptop)

Client (with laptop)

Client (with PDA)

MAP

MAP