User manual

ManualsBrandsMotorola ManualsComputer equipmentRFS7000 Series

401

402

403

404

405

406

407

408

409

410

13-17

13.1.7.12 Example–Creating a Group

The use of the (config-radsrv-group) sub-instance is explained below:

1. Create a group called Sales in the local RADIUS Server database.

RFS7000(config-radsrv)#group sales

2. Check the RADIUS user group configuration commands.

RFS7000(config-radsrv-group)#?

Radius user group configuration commands:

clrscr Clears the display screen

end End current mode and change to EXEC mode

exit End current mode and down to previous mode

group Configure radius user group paramaters

guest-group Guest group configuration

help Description of the interactive help system

no Negate a command or set its defaults

policy Radius group access policy configuration

rad-user Add Radius user to this group

service Service Commands

show Show running system information

3. Use the policy command to configure the group policies for the group created in Step 1.

RFS7000(config-radsrv-group)#policy ?

day Day of access policy configuration

time Configure time of access policy for this group

vlan VLAN id for this group

wlan Configure wlan access policy for this group

RFS7000(config-radsrv-group)#policy day weekdays

RFS7000(config-radsrv-group)#policy time start 12 30 end 15 30

4. Use the policy vlan command to assign an VLAN ID of 10 to group Sales.

RFS7000(config-radsrv-group)#policy vlan 10

5. Use the policy wlan command to allow only authorised users to access this groups wlan.

RFS7000(config-radsrv-group)#policy wlan 1 2 5

6. Use (config-radsrv)#rad-user to create a user called testuser and add it to group Sales.

RFS7000(config-radsrv)#rad-user testuser password testpassword group sales

Sep 08 17:41:55 2006: RADCONF: Adding user "testuser" into local database

Sep 08 17:41:55 2006: RADCONF: User "testuser" is added to group "sales"

7. Use (config-radsrv)#nas to add a NAS entry.

RFS7000(config-radsrv)#nas ?

A.B.C.D/M Radius client IP address

RFS7000(config-radsrv)#nas 10.10.10.0/24 ?

key Radius client shared secret

RFS7000(config-radsrv)#nas 10.10.10.0/24 key ?

0 Password is specified UNENCRYPTED

2 Password is encrypted with password-encryption secret

LINE The secret(client shared secret), upto 32 characters

RFS7000(config-radsrv)#nas 10.10.10.0/24 key 0 very-secret!!