Overriding a profile’s management configuration – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 229
Brocade Mobility RFS Controller System Reference Guide
217
53-1003099-01
5
A captive portal configuration provides secure authenticated controller or service platform
access using a standard Web browser. Hotspots provides authenticated access by capturing
and re-directing a wireless user's Web browser session to a captive portal login page where the
user must enter valid credentials to access to the wireless network. Once logged into the
captive portal additional Agreement, Welcome and Fail pages provide the administrator with a
number of options on the hotspot’s screen flow and user appearance.
Either select an existing captive portal policy, use the default captive portal policy or select
the Create link to create a new configuration that can be applied to this profile. For more
information, see
Configuring Captive Portal Policies
.
6. Use the DHCP Server Policy drop-down menu assign this profile a DHCP server policy. If an
existing DHCP policy does not meet the profile’s requirements, select the Create icon to create
a new policy configuration that can be applied to this profile or the Edit icon to modify the
parameters of an existing DHCP Server policy.
Dynamic Host Configuration Protocol (DHCP) allows hosts on an IP network to request and be
assigned IP addresses as well as discover information about the network where they reside.
Each subnet can be configured with its own address pool. Whenever a DHCP client requests an
IP address, the DHCP server assigns an IP address from that subnet’s address pool. When the
onboard DHCP server allocates an address for a DHCP client, the client is assigned a lease,
which expires after an pre-determined interval. Before a lease expires, wireless clients (to
which leases are assigned) are expected to renew them to continue to use the addresses.
Once the lease expires, the client is no longer permitted to use the leased IP address. The
profile’s DHCP server policy ensures all IP addresses are unique, and no IP address is assigned
to a second client while the first client's assignment is valid (its lease has not expired).
7. Either select an existing captive portal policy or select the Create button to create a new
captive portal configuration that can be applied to this profile. For more information, see
Configuring Captive Portal Policies
8. Use the RADIUS Server Policy drop-down menu to select an existing RADIUS server policy to
use as a user validation security mechanism with this profile.
A profile can have its own unique RADIUS server policy to authenticate users and authorize
access to the network. A profile’s RADIUS policy provides the centralized management of
authentication data (usernames and passwords). When an client attempts to associate, the
controller or service platform sends the authentication request to the RADIUS server.
If an existing RADIUS server policy does not meet your requirements, select the Create icon to
create a new policy or the Edit icon to modify the parameters of an existing policy. For more
information, see
Setting the RADIUS Configuration
.
9. Select OK to save the changes or overrides made to the profile’s services configuration. Select
Reset to revert to the last saved configuration.
Overriding a Profile’s Management Configuration
Controllers and service platforms have mechanisms to allow/deny management access to the
network for separate interfaces and protocols (HTTP, HTTPS, Telnet, SSH or SNMP). These
management access configurations can be applied strategically to profiles as resource
permissions dictate. Additionally, overrides can be applied to customize a device’s management
configuration, if deployment requirements change an a devices configuration must be modified
from its original device profile configuration.