Specifications
8-8 WS2000 Wireless Switch System Reference Guide
8.2.3 Setting the User Access Policy
The RADIUS Access Policy screen allows you to set WLAN access based on a user group defined on the User
Database screen. Select [User Authentication] --> RADIUS Server --> Access Policy to set group
access.
Each Group ID defined in the User Database screen appears on the Access Policy screen as a single row in
the table. Each wireless LAN represents a column in the table.
1. To enable group access to a particular WLAN, check the box for that WLAN in the row corresponding to
the group. To disable access for a group, uncheck the box for the appropriate WLAN. A group must have
at least one WLAN checked to have wireless access to the switch.
2. Click Apply when you have finished the changes.
8.2.4 Defining the Hotspot State of a Mobile Unit
When configured as a hotspot, the switch tracks the hotspot-state of each mobile unit associated with the
hotspot. The server maintains a list of all mobile units associated and tracks the state of these mobile units.
Mobile Units in a hotspot have one the following two states:
• REDIRECT state—The associated mobile unit enters the REDIRECT state after 802.11 authentication and
association. The mobile unit remains in this state until it successfully authenticates through the RADIUS
server. After the mobile unit logs-off from the hotspot, it moves into the REDIRECT State.
• RADIUS AUTHENTICATED state—The mobile unit moves into the RADIUS AUTHENTICATED state after
it successfully authenticates through the RADIUS server.
The RADIUS server provides the trigger to move the state of the mobile unit from REDIRECT to RADIUS
AUTHENTICATED. There is a dedicated socket connection between the wireless switch and an the RADIUS
server for this purpose.
After the RADIUS server successfully authenticates the mobile unit, it sends a trigger to the wireless switch
to change the hotspot-state of the mobile unit to RADIUS-AUTHENTICATED.