User's Manual

ManualsBrandsSiemens Communications ManualsElectronicsHiPath Wireless AP, Altitude 450, Altitude 451

171

172

173

174

175

176

177

178

179

180

Virtual Network configuration

hwc_vnsconfiguration.fm

Authentication for a VNS

A31003-W1050-U100-2-7619

, March 2008

178 HiPath Wireless Controller, Access Points and Convergence Software V5 R1 , C20/C2400 User Guide

The first five of these VSAs provide information on the identity of the specific

Wireless AP that is handling the wireless device, enabling the provision of

location-based services.

The RADIUS message also includes RADIUS attributes Called-Station-Id and

Calling-Station-Id in order to include the MAC address of the wireless device.

Note: Siemens-URL-Redirection is supported by MAC-based authentication.

6.6.2 Defining authentication for a VNS for Captive

Portal

For Captive Portal authentication, the wireless device connects to the network,

but can only access the specific network destinations defined in the non-

authenticated filter. For more information, see Section 6.9.2, “Defining non-

authenticated filters”, on page 197. One of these destinations should be a server,

either internal or external, which presents a Web login page — the Captive Portal.

The wireless device user must input an ID and a password. This request for

authentication is sent by the HiPath Wireless Controller to a RADIUS server or

other authentication server. Based on the permissions returned from the

authentication server, the HiPath Wireless Controller implements policy and

allows the appropriate network access.

Captive Portal authentication relies on a RADIUS server on the enterprise

network. There are three mechanisms by which Captive Portal authentication can

be carried out:

• Internal Captive Portal – The HiPath Wireless Controller displays the

Captive Portal Web page, carries out the authentication, and implements

policy.

Siemens-VNS-

Name

4 string Sent to

RADIUS server

The name of the Virtual Network the

client has been assigned to. It is

used in assigning policy and billing

options, based on service selection.

Siemens-SSID 5 string Sent to

RADIUS server

The name of the SSID the client is

associating to. It is used in

assigning policy and billing options,

based on service selection.

Siemens-BSS-

MAC

6 string Sent to

RADIUS server

The name of the BSS-ID the client

is associating to. It is used in

assigning policy and billing options,

based on service selection and

location.

Attribute Name ID Type Messages Description

Table 14 Vendor Specific Attributes