Auto provisioning policies – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

242

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

5

Select the Priority check box (within the RF Domain Manager section) to set a priority value
for this specific profile managed device. Once enabled, use the spinner control to set a
device priority between 1 - 255. The higher the number set, the higher the priority in the RF
Domain manager election process.

Configure a Root Path Monitor Interval (from1 - 65,535 seconds) to specify how often to check if
the mesh point is up or down.

Set the Additional Port value (within the RADIUS Dynamic Authorization field) to 1700 to enable a
CISCO Identity Services Engine (ISE) Authentication, Authorization and Accounting (AAA) server to
dynamically authenticate a client.

When a client requests access to a CISCO ISE RADIUS server supported network, the
server presents the client with a URL where a device’s compliance is checked for definition
file validity (this form of file validity checking is called posture). If the client device
complies, it is allowed access to the network.

Set the Aging Time value for a dedicated Client Bridge. Use the spinner control to set a value in
Days (1 -8), Hours
(1 - 183), Minutes (1 - 10, 923) and Seconds (10 - 655, 350). The aging time represents the time
this MAC address is allowed to remain on the network since its last update. The default setting is
10 minutes.

Select OK to save the changes made to the profile’s Advanced Miscellaneous configuration. Select
Reset to revert to the last saved configuration.

Auto Provisioning Policies

Wireless devices can adopt other wireless devices. For example, a wireless controller can adopt an
number of Access Points. When a device is adopted, the device configuration is determined by the
adopting device. Since multiple configuration policies are supported, an adopting device needs to
determine which configuration policies should be used for a given adoptee. Auto Provisioning
Policies determine which configuration policies are used for an adoptee based on some of its
properties. For example, a configuration policy could be assigned based on MAC address, IP
address, CDP snoop strings, etc.

Once created an auto provisioning policy can be used in profiles or device configuration objects. An
auto provisioning policy contains a set of ordered by precedence rules that either deny or allow
adoption based on potential adoptee properties and a catch-all variable that determines if the
adoption should be allowed when none of the rules is matched. All rules (both deny and allow) are
evaluated sequentially starting with the rule with the lowest precedence. The evaluation stops as
soon as a rule has been matched, no attempt is made to find a better match further down in the
set.