Manualshelf

CLI Reference Guide

ManualsBrandsHP ManualsSoftwareHP Wireless Switch Manager Software
301302303304305306307308309310
Configuring AAA for Clients of Third-Party APs 303
Configuring AAA
for Clients of
Third-Party APs
A WX switch can provide network access for users associated with a
third-party AP that has authenticated the users with RADIUS. You can
connect a third-party AP to a WX switch and configure the WX to provide
authorization for clients who authenticate and access the network
through the AP.
To configure MSS to authenticate 802.1X users of a third-party AP, use
the commands below to do the following:
Configure the port connected to the AP as a wired authentication
port. (“Configuring Wired Authentication Ports” on page 222.)
Configure a MAC authentication rule for the AP. (“Configuring and
Managing Access Rules for Network Users” on page 286.)
Configure a proxy authentication rule for the AP’s users. (“To create a
proxy authentication rule” on page 303.)
Add a RADIUS proxy entry for the AP. The proxy entry specifies the IP
address of the AP and the UDP ports on which the WX switch listens
for RADIUS access-requests and stop-accounting records from the AP.
(“To create a RADIUS proxy client entry” on page 304.)
Configure the WX port connected to the AP as a RADIUS proxy for the
SSID supported by the AP. If SSID traffic from the AP is tagged, assign
the same tag value to the WX port. (“To configure a port as a RADIUS
proxy for an SSID” on page 305.)
For information about configuration requirements on the third-party AP,
see the “Configuring AAA for Users of Third-Party APs” section in the
“Configuring AAA for Network Users” chapter of the Wireless LAN
Switch and Controller Configuration Guide.
To create a proxy authentication rule
1 Access the Modify WX Switch wizard for the switch. (See “Accessing the
WX Switch Wizard” on page 187.)
2 Select AAA at the top of the wizard, if not already selected.
3 Select Proxy Access from the organizer list on the left side of the page, if
not already selected.
4 Click New Proxy Access. The Create Proxy Access wizard appears.
5 Type the userglob that is expected access the SSID.