Specifications

ManualsBrandsEnterasys ManualsComputer equipmentRoamAbout RBT-8100

411

412

413

414

415

416

417

418

419

420

Before You Begin

18-2 Configuring Communication with RADIUS

Figure 18-1 Wireless Client, AP, RoamAbout switch, and RADIUS Servers

IntheexampleshowninFigure 18‐1,thefollowingeventsoccur:

1. Thewirelessuser(client)requestsanIEEE802.11associationfromtheAP.

2. AftertheAPcreatestheassociation,theRoamAboutswitchsendsanExtensible

AuthenticationProtocol(EAP)identityrequesttotheclient.

3. TheclientsendsanEAPidentityresponse.

4. FromtheEAPresponse,theRoamAboutswitchgetstheclient’susername.TheRoamAbout

switchthensearchesitsAAAconfiguration,attemptingtomatchtheclientʹsusernameagainst

theuserglobsintheAAAconfiguration.

Whenamatchisfound,themethodsspecifiedbythe matchingAAAcommandinthe

RoamAboutswitch

configurationfileindicatehowtheclientistobeauthenticated,either

locallyontheRoamAboutswitch,orviaaRADIUSservergroup.

5. Iftheclientdoesnotsupport802.1X,MSSattemptstoperformMACauthenticationfor the

clientinstead.Inthiscase,iftheswitch’sconfigurationcontainsasetauthenticationmac



commandthatmatchestheclient’sMACaddress,MSSusesthemethodspecifiedbythe

command.Otherwise,MSSuseslocalMACauthentication bydefault.

(ForinformationaboutMACclientauthentication,see“ConfiguringMACAuthentication

andAuthorization”onpage 17‐20.)

Before You Begin

Toensurethatyoucan contacttheRADIUSserversyouplantouseforauthentication,sendthe

pingcommandtoeachonetoverifyconnectivity.

ping ip-address

Youcanthensetupcommunica tionbetweentheswitchandeachRADIUSservergroup.

RAS

with local

database

Wireless

connection

Wired

connection(s)

AP 2AP 1

RADIUS Server 1

RADIUS Server 2

Client (with laptop)