Specifications

Configuring AAA for Users of Third-Party APs

RoamAbout Mobility System Software Configuration Guide 17-41

Configuring Authentication for Non-802.1X Users of a Third-Party AP

with Tagged SSIDs

ToconfigureMSStoauthenticatenon‐802.1Xusersofathi r d‐partyAP,usethesamecommandsas

thoserequiredfor802.1Xusers.Additionally,whenconfiguringthewiredauthenticationport, use

theauth‐fall‐thruoptiontochangethefallthruauthenticationtypetolast‐resortorweb‐portal.

Onthe

RADIUSserver,configureusernameweb‐portal‐ssidorlast‐resort‐ssid,dependingonthe

fallthruauthenticationtypeyouspecifyforthewiredauthenticationport.

Configuring Access for Any Users of a Non-Tagged SSID

IfSSIDtrafficfromthethird‐partyAPisuntagged,usethesameconfigurationcommandsasthe

onesrequiredfor802.1Xusers,exceptthesetradiusproxyportcommand.Thiscommandisnot

requiredandisnotapplicabletountaggedSSIDtraffic.In addition,whenconfiguringthewired

authenticationport,use

theauth‐fall‐thruoptiontochangethefallthruauthenticationtypeto

last‐resortorweb‐portal.

OntheRADIUSserver,configureusernameweb‐portal‐wiredorlast‐resort‐wired,dependingon

thefallthruauthenticationtypespecifiedforthewiredauthenticationport.