Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-3200

341

342

343

344

345

346

347

348

349

350

349 | 802.1X Authentication Dell Networking W-Series ArubaOS 6.4.x| User Guide

Configuring the Internal Database

Configure the internal database with the username, password, and role (student, faculty, or sysadmin) for each

user. There is a default internal server group that includes the internal database. For the internal server

group, configure a server derivation rule that assigns the role to the authenticated client.

In the WebUI

1. Navigate to the Configuration > Security > Authentication > Servers page.

2. In the Servers list, select Internal DB.

3. Under Users, click Add User to add users.

4. For each user, enter a username and password.

5. Select a role for each user (if a role is not specified, the default role is guest).

6. Select the expiration time for the user account in the internal database.

7. Click Apply.

In the CLI

Use the privileged mode in the CLI to configure users in the controller’s internal database.

(host)(config) #local-userdb add username <user> password <password>

Configuring a Server Rule

In the WebUI

1. Navigate to the Configuration > Security > Authentication > Servers page.

2. Select Server Group to display the Server Group list.

3. Select the internal server group.

4. Under Server Rules, click New to add a server derivation rule.

a. For Condition, enter Role.

b. Select value-of from the drop-down list.

c. Select Set Role from the drop-down list.

d. Click Add.

5. Click Apply.

In the CLI

(host)(config) #aaa server-group internal

set role condition Role value-of

Configuring 802.1x Authentication

An AAA profile specifies the 802.1x authentication profile and 802.1x server group to be used for

authenticating clients for a WLAN. The AAA profile also specifies the default user role for 802.1x

authentication.

For this example, you enable both 802.1x authentication and termination on the controller.

In the WebUI

1. Navigate to the Configuration > Security > Authentication > L2 Authentication page. In the profiles

list, select 802.1x Authentication Profile.

a. In the Instance list, enter dot1x, then click Add.