Configuration manual

ManualsBrandsDell ManualsComputer equipmentPowerConnect W-AirWave 7.4

141

142

143

144

145

146

147

148

149

150

146 | Configuration Reference Dell PowerConnect W-AirWave 7.4 | Configuration Guide

Adding a New Server Group

The server group is assigned to the server group for 802.1x authentication.

To create a new server group, click the Add button, or to edit an existing group, click the pencil icon next to that

group. The Add New Server Group page appears, and contains the following fields, as described in Table 72:

Table 72 Security > Server Groups > Add or Edit Server Group Fields and Descriptions

Field Default Description

General Settings

Folder Top Set the folder with which the server is associated. The drop-down menu displays all

folders available for association with the server group.

Name Blank Enter the name of the server group.

Other Settings

Fail Through No Enable or disable a fail through server.

When fail-through authentication is enabled, users that fail authentication on the first

server in the server list should be authenticated with the second server. The controller

attempts authentication with each server in the list until either there is a successful

authentication or the list of servers in the group is exhausted.

This feature is useful in environments where there are multiple, independent

authentication servers; users may fail authentication on one server but can be

authenticated on another server.

Add New Server Select this button to add a new server to the Server Group being configured.

A new Server section and Server Group Server Rules section appear with the

following settings to be defined:

Server Section

 Trim FQDN—Default setting is No. Change to Yes to enable.

You can use the “match FQDN” option for a server match rule. With a match FQDN

rule, the server is selected if the <domain> portion of the user information in the

formats <domain>\<user> or <user>@<domain> exactly matches a specified

string. This rule does not support client information in the host/<pc-

name>.<domain> format, so it is not useful for 802.1x machine authentication. The

match FQDN option performs matches on only the <domain> portion of the user

information sent in an authentication request. The match-authstring option

(described previously) allows you to match all or a portion of the user information

sent in an authentication request.

 Server Type—Select the server type for the new server being added. Options are

RADIUS (default), LDAP, TACACS, and Internal.

 RADIUS Server—Select the RADIUS server from the drop-down menu that the

new server is to use. You can edit an existing RADIUS server or create a new

server.

Server Group Server Rules Section

Select the Add button to add a new rules section. The page that appears contains the

following settings to define:

 Match Type—From the drop-down menu, select Authstring or FQDN. The

following settings complete the configuration.

 Operator—For Authstring only, specify how to process the string (contains,

equals, starts with).

 Match String—Enter the string or string fragment.

Finish by clicking the Add New Server Group Server Rules button.