Users Guide

ManualsBrandsDell ManualsTVs & monitorsW-620

421

422

423

424

425

426

427

428

429

430

Table Of Contents

428 | Virtual Intranet Access Dell PowerConnect W-Series ArubaOS 6.1 | User Guide

Using CLI to Configure VIA

The following steps illustrate configuring VIA using CLI. Install your Policy Enforcement Firewall Virtual Private

Network (PEFV) license key. For detailed information on the VIA command line options, see the Dell

PowerConnect W-Series ArubaOS 6.1 Command Reference Guide.

(host) (config)# license add <key>

Create VIA Roles

(host) (config) #user-role example-via-role

(host) (config-role) #access-list session "allowall" position 1

(host) (config-role) #ipv6 session-acl "v6-allowall" position 2

Create VIA Authentication Profiles

(host) (config) #aaa server-group "via-server-group"

(host) (Server Group "via-server-group") #auth-server "Internal" position 1

(host) (Server Group "via-server-group") #aaa authentication via auth-profile default

(host) (VIA Authentication Profile "default") #default-role example-via-role

(host) (VIA Authentication Profile "default") #desc "Default VIA Authentication

Profile"

(host) (VIA Authentication Profile "default") #server-group "via-server-group"

Create VIA Connection Profiles

(host) (config) #aaa authentication via connection-profile "via"

(host) (VIA Connection Profile "via") #server addr 202.100.10.100 internal-ip

10.11.12.13 desc "VIA Primary Controller" position 0

(host) (VIA Connection Profile "via") #auth-profile "default" position 0

(host) (VIA Connection Profile "via") #tunnel address 10.0.0.0 netmask 255.255.255.0

(host) (VIA Connection Profile "via") #split-tunneling

(host) (VIA Connection Profile "via") #windows-credentials

(host) (VIA Connection Profile "via") #client-netmask 255.0.0.0

(host) (VIA Connection Profile "via") #dns-suffix-list example.com

(host) (VIA Connection Profile "via") #support-email via-support@example.com

Enter the following command after you create the client WLAN profile. See “Configure VIA Client WLAN

Profiles” on page424

(host) (VIA Connection Profile "via") #client-wlan-profile "via_corporate_wpa2"

position 0

Configure VIA web authentication

(host) (config) #aaa authentication via web-auth default

(host) (VIA Web Authentication "default") #auth-profile default position 0

Associate VIA connection profile to user role

(host) (config) #user-role "example-via-role"

(host) (config-role) #via "via"

Configure VIA client WLAN profiles

(host) (config) #wlan ssid-profile "via_corporate_wpa2"

(host) (SSID Profile "via_corporate_wpa2") #essid corporate_wpa2

(host) (SSID Profile "via_corporate_wpa2") #opmode wpa2-aes

(host) (SSID Profile "via_corporate_wpa2") #wlan client-wlan-profile

"via_corporate_wpa2"

NOTE: You can have only one profile (default) for VIA web authentication.