3Com Wireless LAN WX1200 User Manual

Page 256

background image

256

C

HAPTER

8: AAA C

OMMANDS

„

dap-num

— List of Distributed MAP connections through which any

user assigned this profile is allowed access. The same Distributed MAP
can be used in multiple Mobility Profile port lists.

Defaults — No default Mobility Profile exists on the WX switch. If you do
not assign Mobility Profile attributes, all users have access through all
ports, unless denied access by other AAA servers or by access control lists
(ACLs).

Access — Enabled.

History —Introduced in MSS Version 3.0.

Usage — To assign a Mobility Profile to a user or group, specify it as an
authorization attribute in one of the following commands:

set user attr mobility-profile name
set usergroup attr mobility-profile name
set mac-user attr mobility-profile name
set mac-usergroup attr mobility-profile name

To enable the use of the Mobility Profile feature on the WX switch, use
the set mobility-profile mode command.

CAUTION: When the Mobility Profile feature is enabled, a user is denied
access if assigned a Mobility-Profile attribute in the local WX switch
database or RADIUS server when no Mobility Profile of that name exists
on the WX switch.

To change the ports in a profile, use set mobility-profile again with the
updated port list.

Examples — The following commands create the Mobility Profile
magnolia, which restricts user access to port 2; enable the Mobility Profile
feature on the WX switch; and assign the magnolia Mobility Profile to
user Jose.

WX1200# set mobility-profile name magnolia port 2
success: change accepted.
WX1200# set mobility-profile mode enable
success: change accepted.
WX1200# set user Jose attr mobility-profile magnolia
success: change accepted.