Manualshelf

MSM7xx Controllers Configuration Guide v6.4.0

ManualsBrandsHP ManualsNetwork HardwareHP 425 Wireless Dual Radio 802.11n (JP) Access Point
131132133134135136137138139140
RADIUS authentication realms
When realms are enabled for accounting or authentication, selection of the RADIUS server to use
is based on the realm name. If no match is found, then the configured RADIUS profile name is
used. This applies to any VSC authentication or accounting setting that uses a RADIUS server.
Realm names are extracted from user names as follows: if the username is
person1@mydomain.com then mydomain.com is the realm. The authentication request is sent
to the RADIUS profile with the realm name mydomain.com. The username sent for authentication
is still the complete person1@mydomain.com.
For added flexibility, regular expressions can be used in realm names, enabling a single realm
name to match many users. For example, if a realm name is defined with the regular expression
^abc.* then all usernames beginning with abc followed by any number of characters will match.
The following usernames would all match:
abc123.biz
abc321.lan
abc1
IMPORTANT:
Realms are not case sensitive.
Realms have a maximum length of 64 characters.
A maximum of 200 realms can be defined across all profiles. However, there is no limit per
profile.
Each RADIUS profile can be associated with one or more realms. However, a realm cannot
be associated with more than one profile.
A realm overrides the authentication RADIUS server only; the server used for accounting is
not affected.
A realm overrides the authentication RADIUS server only. The server used for accounting is
not affected.
When the realm configuration is changed in any way, all authenticated users are logged out.
VSC configuration options 131