User guide

ManualsBrandsExtreme Networks ManualsComputer equipmentWM20 Controller

101

102

103

104

105

106

107

108

109

110

Authentication for a WM-AD

Summit WM20 User Guide, Software Release 4.2 109

The first five of these VSAs provide information on the identity of the specific Wireless AP that is

handling the wireless device, enabling the provision of location-based services.

The RADIUS message also includes RADIUS attributes Called-Station-Id and Calling-Station-Id in order

to include the MAC address of the wireless device.

NOTE

Extreme-URL-Redirection is supported by MAC-based authentication.

Defining Authentication for a WM-AD for Captive Portal

For Captive Portal authentication, the wireless device connects to the network, but can only access the

specific network destinations defined in the non-authenticated filter. For more information, see

“Defining Non-authenticated Filters” on page 124. One of these destinations should be a server, either

internal or external, which presents a Web page login screen—the Captive Portal. The wireless device

user must input an ID and a password. This request for authentication is sent by the Summit WM

Controller to a RADIUS server or other authentication server. Based on the permissions returned from

the authentication server, the Summit WM Controller implements policy and allows the appropriate

network access.

Captive Portal authentication relies on a RADIUS server on the enterprise network. There are three

mechanisms by which Captive Portal authentication can be carried out:

● Internal Captive Portal – The Summit WM Controller presents the Captive Portal Web page, carries

out the authentication, and implements policy.

● External Captive Portal – After an external server presents the Captive Portal Web page and carries

out the authentication, the Summit WM Controller implements policy.

● External Captive Portal with internal authentication – After an external server presents the Captive

Portal Web page, the Summit WM Controller carries out the authentication and implements policy.

To define authentication by Captive Portal:

1 From the main menu, click WM-AD Configuration. The WM-AD Configuration screen is

displayed.

2 In the left pane WM Access Domains list, click the WM-AD you want to set up authentication by

Captive Portal for. The Top olo gy tab is displayed.

3 Click the Auth & Acct tab. On the Auth & Acct tab, there are three options:

Extreme-BSS-MAC 6 string Sent to RADIUS

server

The name of the BSS-ID the client is

associating to. It is used in assigning

policy and billing options, based on service

selection and location.

Table 4: Vendor-Specific Attributes (Continued)

Attribute Name ID Type Messages Description