Extreme Networks Summit WM Series Guía de usuario Pagina 64
- Pagina / 228
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
WM Access Domain Services (WM-AD): Introduction
Summit WM-Series WLAN Switch and Altitude Access Point Software Version 1.0 User Guide
64
identification is sent by the Summit WM-Series Switch to the RADIUS server for authentication. Four
authentication types are supported by Summit WM-Series Switch Software for Captive Portal:
● PAP (Password Authentication Protocol)
● CHAP (Challenge Handshake Authentication Protocol)
● MS CHAP (Windows-specific version of CHAP)
● MS CHAP v2 (Windows-specific version of CHAP, version 2)
For Captive Portal, the RADIUS server must support the selected authentication type: PAP, CHAP
(RFC2484), MS-CHAP (RFC2433), MS-CHAPv2 (RFC2759).
Authentication with AAA (802.1x) network assignment
If network assignment is by AAA (802.1x) with 802.1x authentication, the wireless device user
requesting network access via Summit WM-Series Switch Software must first be authenticated. The
wireless device's client utility must support 802.1x. The user's request for network access along with
login identification or user profile will be forwarded by the Summit WM-Series Switch to a RADIUS
server. Summit WM-Series Switch Software supports these authentication types:
● EAP-TLS Extensible Authentication Protocol - Transport Layer Security that relies on client-side and
server-side certificates to perform authentication and can be used to dynamically generate user-
based and session-based WEP keys.
● EAP-TTLS (EAP with Tunneled Transport Layer Security) is an extension of EAP-TLS to provide
certificate-based, mutual authentication of the client and network through an encrypted tunnel, as
well as to generate dynamic, per-user, per-session WEP keys. Unlike EAP-TLS, EAP-TTLS requires
only server-side certificates.
● PEAP (Protected Extensible Authentication Protocol) is a standard to authenticate wireless LAN
clients without requiring them to have certificates. In PEAP authentication, first the user
authenticates the authentication server, then the authentication server authenticates the user.
For 802.1x, the RADIUS server must support RADIUS extensions (RFC2869).
If the RADIUS server sends an “access-accept” message to the Summit WM-Series Switch, the Summit
WM-Series Switch's DHCP server assigns the device its IP address and allows network access controlled
by the filtering rules defined for the specific Filter ID value associated with the wireless device user.
Both Captive Portal and AAA (802.1x) authentication mechanisms in Summit WM-Series Switch
Software rely on a RADIUS server on the enterprise network. You can identify and prioritize up to three
RADIUS servers on the Summit WM-Series Switch. This means that in the event of a failover of the
active RADIUS server, the Summit WM-Series Switch will poll the other servers in the list for a
response.
Filtering for a WM-AD
The WM-AD capability provides a technique to apply policy, to allow different network access to
different groups of users. This is done by packet filtering.
After setting up the authentication, the next step is to define the filtering rules for the filters that apply
to your network and the WM-AD you are setting up.
- Table of Contents 3
- Formatting conventions 10
- Documentation feedback 10
- Protocols and standards 11
- Regulatory information 11
- About this Guide 12
- Conventional wireless LANS 13
- Wireless AP 15
- Summit WM 15
- Wireless Controller 15
- Network traffic flow 18
- Network security 19
- Policy: packet filtering 21
- Mobility and roaming 21
- Availability 22
- Quality of Service (QoS) 22
- Data ports (4 or 2) 24
- Management ports 24
- Configuration steps: overview 31
- Enabling the product key 31
- Setting up the data ports 32
- Port Type or Function 34
- Setting up static routes 35
- Setting up OSPF Routing 36
- Define port exception filters 40
- 4 Altitude AP: startup 41
- Installing the Altitude APs 43
- Set the discovery timers 45
- Discovery and registration 46
- Registration after discovery 48
- Altitude AP access approval 49
- ● 802.11 b/g (2.4 GHz radio) 53
- ● 802.11a (5 GHz radio) 53
- Adding a Altitude AP manually 56
- Auto Cell software 58
- Configure Auto Cell software 59
- Altitude AP: startup 60
- Introduction 61
- What is a WM-AD? 62
- Topology of a WM-AD 62
- Filtering for a WM-AD 64
- Setting up a new WM-AD 66
- Global Settings for a WM-AD 68
- Topology for a WM-AD 71
- Use DHCP Relay for the WM-AD 74
- Topology for a WM-AD for AAA 75
- Authentication for a WM-AD 76
- ● No Captive Portal Support 80
- Captive Portal” on page 87) 81
- Accounting for a WM-AD 84
- RADIUS Policy for a WM-AD 84
- Filtering rules for a WM-AD 86
- Default Filter: Examples 93
- Multicast for a WM-AD 95
- Privacy for a WM-AD 96
- Privacy for a WM-AD for AAA 97
- A WM-AD for voice traffic 101
- Availability and Mobility 103
- Management users 111
- Network time 112
- Check Point event logging 113
- Setting up SNMP 115
- Setting SNMP Parameters 116
- Overview 123
- Summit Spy: running scans 125
- The Analysis Engine 126
- 11 Ongoing operation 131
- Altitude AP client management 133
- Client disassociate 134
- Client blacklist 135
- Health Checking 136
- Change the system log level 136
- Enable and configure Syslog 136
- Logs and alarms 141
- View the Logs 142
- View the Traces 142
- View the Audits 143
- Reports and displays 144
- View reports 146
- Glossary 147
- D (Continued) 149
- F (Continued) 151
- H (Continued) 152
- I (Continued) 153
- O (Continued) 156
- P (Continued) 157
- S (Continued) 160
- T (Continued) 162
- W (Continued) 164
- Altitude AP system states 168
- B CLI command reference 169
- CLI command reference 170
- RFC list 177
- 802.11 standards list 178
- Reference lists of standards 180
- E Support for Altitude AP 181
- F RADIUS Attributes 183
- RADIUS Accounting 184
- Account-Stop/Interim Packet 185
- Termination Codes 186
- G Logs and Events 187
- Logs and Events 188
- Critical 189
- CDR_COLLECTOR 191
- CONFIG_MANAGER 191
- EVENT_SERVER 192
- RADIUS_ACCOUNTING 194
- RADIUS_CLIENT 194
- RF_DATA_COLLECTOR 195
- RU_MANAGER 195
- SECURITY_MANAGER 196
- STARTUP_MANAGER 197
- STATS_SERVER 198
- ACCESSPOINT 200
- CPDP_AGENT_ID 203
- NSM_SERVER 205
- OSPF_SERVER 206
- PORT_INFO_J_MANAGER 206
- REDIR_ID 207
- H Regulatory Information 213
- Emissions 214
- FCC ID#: RJF-A3502 216
- Part 15 Unlicensed Antenna 217
- European Community 218
- European Spectrum Usage Rules 221
- Regulatory Information 222
- Declarations of Conformity 223
Relacionado con productos y manuales para Software Extreme Networks Summit WM Series
(7 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.043 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales