Dell PowerConnect W-IAP3WN/P User Manual Page 147
- Page / 377
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
147 | Authentication and User Management DellNetworking W-Series Instant 6.4.0.2-4.1 | User Guide
Understanding Authentication Methods
Authentication is a process of identifying a user by through a valid username and password or based on their MAC
addresses. The following authentication methods are supported in Instant:
l 802.1X authentication
l MAC authentication
l MAC authentication with 802.1X authentication
l Captive Portal Authentication
l MAC authentication with Captive Portal authentication
l 802.1X authentication with Captive Portal Role
l WISPr authentication
802.1X authentication
802.1X is an IEEE standard that provides an authentication framework for WLANs. 802.1x uses the Extensible
Authentication Protocol (EAP) to exchange messages during the authentication process. The authentication
protocols that operate inside the 802.1X framework include EAP-Transport Layer Security (EAP-TLS), Protected
EAP (PEAP), and EAP-Tunneled TLS (EAP-TTLS). These protocols allow the network to authenticate the client
while also allowing the client to authenticate the network. For more information on EAP authentication framework
supported by the W-IAP, see Supported EAP Authentication Frameworks on page 148.
802.1X authentication method allows a W-IAP to authenticate the identity of a user before providing network access
to the user. The Remote Authentication Dial In User Service (RADIUS) protocol provides centralized authentication,
authorization, and accounting management. For authentication purpose, the wireless client can associate to a
network access server (NAS) or RADIUS client such as a wireless W-IAP. The wireless client can pass data traffic
only after successful 802.1X authentication.
For more information on configuring a W-IAP to use 802.1X authentication, see Configuring 802.1X Authentication
for a Network Profile on page 163.
MAC authentication
MAC authentication is used for authenticating devices based on their physical MAC addresses. MAC authentication
requires that the MAC address of a machine matches a manually defined list of addresses. This authentication
method is not recommended for scalable networks and the networks that require stringent security settings. For
more information on configuring a W-IAP to use MAC authentication, see Configuring MAC Authentication for a
Network Profile on page 165.
MAC authentication with 802.1X authentication
This authentication method has the following features:
l MAC authentication precedes 802.1X authentication - The administrators can enable MAC authentication for
802.1X authentication. MAC authentication shares all the authentication server configurations with 802.1X
authentication. If a wireless or wired client connects to the network, MAC authentication is performed first. If
MAC authentication fails, 802.1X authentication does not trigger. If MAC authentication is successful, 802.1X
authentication is attempted. If 802.1X authentication is successful, the client is assigned an 802.1X
authentication role. If 802.1X authentication fails, the client is assigned a deny-all role or mac-auth-only role.
l MAC authentication only role - Allows you to create a mac-auth-only role to allow role-based access rules when
MAC authentication is enabled for 802.1X authentication. The mac-auth-only role is assigned to a client when
the MAC authentication is successful and 802.1X authentication fails. If 802.1X authentication is successful, the
mac-auth-only role is overwritten by the final role. The mac-auth-only role is primarily used for wired clients.
- User Guide 1
- Dell Networking W-Series 1
- Instant 6.4.0.2-4.1 1
- Contents 3
- Instant User Interface 44 4
- In the Instant UI 79 6
- In the CLI 79 6
- In the Instant UI 81 6
- In the CLI 82 6
- Customizing W-IAP Settings 84 7
- VLAN Configuration 92 8
- Wireless Network Profiles 93 8
- Wired Profiles 112 9
- In the CLI 132 10
- Example 135 10
- In the Instant UI 141 11
- In the CLI 142 11
- In the Instant UI 142 11
- In the CLI 143 11
- Roles and Policies 176 14
- DHCP Configuration 201 16
- VPN Configuration 210 17
- IAP-VPN Deployment 223 17
- Adaptive Radio Management 232 18
- Example 249 19
- Voice and Video 251 20
- Services 255 20
- In the Instant UI 272 21
- In the CLI 272 21
- In the CLI 273 21
- Uplink Configuration 285 22
- Intrusion Detection 296 23
- Mesh W-IAP Configuration 303 23
- Spectrum Monitor 309 24
- W-IAP Maintenance 317 24
- Hotspot Profiles 338 25
- ClearPass Guest Setup 352 26
- Terminology 373 27
- Intended Audience 28
- Related Documents 28
- Conventions 28
- Contacting Dell 29
- Instant Overview 30
- Instant UI 31
- Instant CLI 31
- New Features in 6.4.0.2-4.1 33
- Setting up Instant Network 35
- Assigning a Static IP 36
- W-IAP Cluster 36
- Logging in to the Instant UI 37
- Regulatory Domains 38
- Code Country Name 39
- Accessing the Instant CLI 41
- Connecting to a CLI Session 42
- Sequence-Sensitive Commands 43
- Login Screen 44
- Main Window 45
- Networks Tab 46
- Access Points Tab 46
- Clients Tab 47
- New Version Available 47
- Security 50
- Maintenance 51
- Monitoring 57
- Table 9: 58
- RF Dashboard Icons 60
- Table 11: 62
- Table 12: 63
- Table 13: 65
- Spectrum 67
- Types of Alerts 68
- Figure 23 Client Alerts 69
- Figure 24 Fault History 69
- Figure 25 Active Faults 69
- Alerts list 70
- AirGroup 72
- Configuration 72
- W-AirWave Setup 73
- Pause/Resume 73
- Basic Configuration Tasks 74
- Configuring a Preferred Band 75
- Configuring Timezone 76
- Configuring an NTP Server 76
- Enabling AppRF Visibility 77
- Changing Password 77
- Configuring Auto Join Mode 79
- Configuring Terminal Access 80
- Configuring Console Access 80
- Configuring LED Display 81
- Modifying the W-IAP Hostname 84
- Configuring External Antenna 86
- Master Election Protocol 89
- (Instant AP)# iap-master 90
- (Instant AP)# show ap-env 90
- Antenna Type:Internal 90
- Adding a W-IAP to the Network 91
- Chapter 7 92
- VLAN Configuration 92
- Chapter 8 93
- Wireless Network Profiles 93
- WLAN Configuration Parameters 95
- Figure 37 Security Tab: Open 100
- Parameter Description 101
- Security Level 101
- Table 21: 101
- In the Instant UI 105
- In the CLI 105
- Opportunistic Key Caching 106
- Extended Capabilities IE 109
- RRM enabled capabilities IE 109
- Editing a WLAN SSID Profile 110
- Deleting a WLAN SSID Profile 111
- Configuring a Wired Profile 112
- Editing a Wired Profile 117
- Deleting a Wired Profile 118
- Understanding Captive Portal 120
- Walled Garden 121
- Parameters Description 122
- Managing W-IAP Users 140
- (Instant AP)(config)# end 143
- (Instant AP)# commit apply 143
- 802.1X authentication 147
- MAC authentication 147
- Captive Portal Authentication 148
- WISPr authentication 148
- Internal RADIUS Server 150
- External RADIUS Server 150
- WPA and WPA2 154
- WPA and WPA2 Features 155
- Table 32: 158
- Table 33: 159
- Enabling Dynamic RADIUS Proxy 161
- Blacklisting Clients 171
- Uploading Certificates 173
- Firewall Policies 176
- <eport> src-nat 179
- Configuring ALG Protocols 181
- Managing Inbound Traffic 183
- Table 36: 184
- Content Filtering 186
- Enabling Content Filtering 187
- Configuring User Roles 190
- In the CLI: 191
- Configuring Derivation Rules 192
- Understanding VLAN Assignment 194
- Vendor Specific Attributes 195
- User Role 196
- VLANs Created for an SSID 196
- Creating a User VLAN Role 199
- Configuring DHCP Scopes 201
- Name Description 202
- Table 38: 202
- Understanding VPN Features 210
- Mobility Controller 210
- Configuring an L2TPv3 Tunnel 215
- To view L2TPv3 configuration: 219
- To view L2TPV3 tunnel status: 219
- To view L2TPv3 tunnel config: 220
- Configuring Routing Profiles 221
- Chapter 15 223
- IAP-VPN Deployment 223
- IAP-VPN Forwarding Modes 224
- L3 Routing Mode 225
- Configuring DHCP Profiles 226
- OSPF Configuration 227
- VPN Configuration 229
- Branch-ID Allocation 230
- Branch Status Verification 230
- Branch Details 231
- ARM Overview 232
- Band Steering 233
- Airtime Fairness Mode 233
- Client Match 234
- Access Point Control 236
- Verifying ARM Configuration 237
- Deep Packet Inspection 241
- Application Visibility 242
- Application Charts 243
- Web Categories Charts 245
- Web Reputation Charts 245
- Chapter 18 251
- Voice and Video 251
- Configuring WMM-DSCP Mapping 252
- Port Packet Type 254
- Table 52: 254
- AirGroup Configuration 255
- DLNA UPnP Support 257
- AirGroup Features 258
- AirGroup Services 259
- AirGroup Components 260
- Creating a RADIUS Server 263
- Assign a Server to AirGroup 263
- Change of Authorization (CoA) 263
- ALE with Instant 265
- Integration with Instant 267
- CALEA Server Integration 270
- Client Traffic Replication 271
- Creating a CALEA Profile 272
- Verifying the configuration 273
- To verify the configuration: 274
- Chapter 20 275
- Trending Reports 276
- Intrusion Detection System 276
- Shared Key 278
- Figure 107 W-AirWave —Monitor 284
- Uplink Interfaces 285
- Cellular Uplink 287
- Wi-Fi Uplink 291
- Enforcing Uplinks 292
- Setting an Uplink Priority 293
- Enabling Uplink Preemption 293
- (Instant AP)(uplink)# end 294
- OS Fingerprinting 296
- Table 55: 298
- Client Detection Policies 299
- Client Protection Policies 300
- Configuring IDSUsing CLI 301
- Mesh Network Overview 303
- Mesh Points 304
- Layer-3 Mobility Overview 306
- Configuring L3-Mobility 307
- Understanding Spectrum Data 309
- Non Wi-Fi Interferers 310
- Non Wi-Fi Interferer Types 311
- Channel Details 312
- Channel Metrics 313
- Spectrum Alerts 314
- Upgrading a W-IAP 317
- Upgrading an Image Using CLI 319
- Viewing Current Configuration 319
- Backing up Configuration Data 320
- Restoring Configuration 320
- Table 63: 321
- Rebooting the W-IAP 325
- Configuring SNMP 327
- Configuring a Syslog Server 330
- Logging Levels 331
- Configuring TFTP Dump Server 332
- Support Commands 333
- Chapter 28 338
- Hotspot Profiles 338
- Configuring Hotspot Profiles 339
- Venue Types 342
- Configuring a 3GPP Profile 344
- Configuring a Domain Profile 344
- Creating a Hotspot Profile 346
- Table 69: 347
- Sample Configuration 349
- ClearPass Guest Setup 352
- Troubleshooting 355
- IAP-VPN Deployment Scenarios 356
- Redundancy 357
- Table 72: 358
- Datacenter Configuration 359
- AP Configuration 361
- Table 73: 362
- Topology 364
- Table 74: 366
- Table 75: 370
- Acronyms and Abbreviations 373
- Glossary 374
- List of Terms 375
Related products and manuals for Networking Dell PowerConnect W-IAP3WN/P
Networking Dell 3-DNS Setup Guide
(16 pages)
(16 pages)
Networking Dell PowerEdge T410 User Manual
(19 pages)
(19 pages)
Networking Dell DPND-523-EN12 User Manual
(16 pages)
(16 pages)
Networking Dell PowerEdge R310 User Manual
(14 pages)
(14 pages)
Networking Dell PowerEdge R820 User Manual
(17 pages)
(17 pages)
Networking Dell MD1120 User Manual
(17 pages)
(17 pages)
Networking Dell PowerEdge M915 User Manual
(24 pages)
(24 pages)
Networking Dell M4001F User Manual
(27 pages)
(27 pages)
Networking Dell TL24iSCSIxSAS User's Guide
(66 pages)
(66 pages)
© 2020, manymanuals.com. All rights reserved. | 0.443 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals