User`s guide

Configuration

2-10 Planning and Managing Your Wireless Network

Authorization

Authorizationisthemethodforprovidinguserswithspecificrightstothenetworkbyassociating

attribute‐value(AV)pairstotheuser.AAAauthorizationworksbyassemblingasetofattributes

thatdescribewhattheuserisauthorizedtoperform.Theseattributesarecomparedtothe

informationcontainedinalocal

databaseoronaRADIUSserverforagivenuserandtheresultis

returnedtotheRoamAboutswitchtodeterminetheuser’sactualcapabilitiesandrestrictions.

Youcanconfigure attributes,suchasthetimeofdayorspecificVLANaccess.Youcanalsocontrol

accessusingsecurityaccesscontrollists

(ACLs),MobilityProfiles

,andLocationPolicies.

SecurityACLspermitordenytrafficbasedonIPprotocol,IPaddressesand,optionally,TCP or

UDPport.Theyalsocanbeusedtosetclass‐of‐service(CoS)valuesinapacket.MobilityProfiles

containattributestoallowordenyaccesstospecificpartsofthe

networkforaspecificuseror

groupofusers.LocationPoliciesareanorderedlistoflocationpolicyrulesbasedonauserglob,

VLAN,and/orports.ALocationPolicycanbeconfiguredifyouneedtooverridetheconfigured

AAAuserauthorizationattributeslocallyforaspecificRoamAboutswitch.

Accounting

Accountingcollectsandsendsinformationusedforbilling,auditing,andreporting—forexample,

useridentities,connectionstartandstoptimes,thenumberofpacketsreceivedandsent,andthe

numberofbytestransferred.Youcantracksessionsthroughaccountinginformationstoredlocally

oronaremoteRADIUSserver.Asnetworkusersroam

throughoutthenetwork,accounting

recordstrackthemandtheirnetworkusage.

System and Administration Configuration

AMobilityDomainisacollectionofRoamAboutswitchesthatworktogethertosupportroaming

users.OneoftheRoamAboutswitchesisdefinedasaseeddevice,whichdistributesinformation

totheotherRoamAboutswitchesdefinedintheMobilityDomain.

AMobilityDomainallowsuserstoroamgeographicallyfromoneRoamAbout

switchtoanother

withoutlosingnetworkconnectivity.UsersconnectasamemberofaVLANthroughtheir

authorizedidentities.

YoucanaddswitchestoanetworkplanasmembersofaMobilityDomainorasstandalone

switches.Afteraswitchisadded,youcanmoveitintooroutofa

MobilityDomain.

YoucancreatethefollowingtypesofRoamAboutswitches:

•RBT‐8400

•RBT‐8200

•RBT‐8100

•RBT‐8110

PerformthefollowingtaskstocreateandinitiallyconfigureaRoamAboutswitch:

1. ConfigurebasicRoamAboutswitchproperties.

2. ConfigureRoamAboutswitchconnectioninformation.

3. Configurebootinformation.