MSM7xx Controllers Configuration Guide v6.4.0

ManualsBrandsHP ManualsNetwork HardwareHP 425 Wireless Dual Radio 802.11n (JP) Access Point

331

332

333

334

335

336

337

338

339

340

authenticating devices that do not have a Web browser and are permanently installed on a network

(a printer or point-of-sale terminal, for example), but can also be used for regular users.

MAC authentication can be configured at several different levels as described in the following

table.

Switch portVSCGlobal

Authentication is handled by the HP

517 or MSM317.

Authentication is handled by either the

controller or the AP. (Depends on how

the VSC is configured.)

Authentication is handled by the

controller.

Applies to wired users only.Applies to wireless users if the VSC is

configured for either Authentication

Applies to both wireless and wired

users.

and/or Access control. If neither are

configured, applies to both wireless

and wired users.

Settings are defined on a per-port basis.Settings are defined on a per-VSC

basis.

Settings apply globally to all VSCs,

except for the authentication server

which is defined on a per-VSC basis.

Can only be used when the switch port

is not bound to a VSC.

Can be used on non-access-controlled

VSCs, or on access-controlled VSCs

Can only be used on access-controlled

VSCs that have HTML-based user

logins enabled. that have HTML-based user logins

disabled.

Configured by selecting Controlled APs

> [HP 517 or MSM 317 AP ] >>

Configured using the Add/Edit Virtual

Service Community configuration page

in the management tool.

Configured using a RADIUS attribute

or local public access attribute.

Configuration > Switch ports >

[switch-port ] in the management tool.

User credentials can be validated using:

• External RADIUS server

User credentials can be validated

using:

User credentials can be validated

using:

•• Local user accounts on the

controller

Local user accounts on the

controller

• •External RADIUS server External RADIUS server

(Depends on how the VSC is

configured.)

• Active Directory

See “Configuring MAC-based

authentication on an HP 517 or

MSM317 switch port” (page 343).

See “Configuring MAC-based

authentication on a VSC” (page 342).

See “Configuring global MAC-based

authentication” (page 341).

MAC-based filtering

In addition, MAC-based filters can also be used to manage access to the network.

Switch portVSC

Filtering occurs individually on each HP 517 or MSM317

switch port.

Filtering occurs on the AP wireless interfaces.

Applies to wired client stations only.Applies to wireless client stations only.

Settings are defined on a per-port basis.Settings are defined on a per-VSC basis.

Can only be used when the switch port is not bound to a

VSC.

Can be used on both access-controlled and

non-access-controlled VSCs.

Configured by selecting Controlled APs > [HP 517 or

MSM317] >> Configuration > Switch ports > [switch-port ]

in the management tool.

Configured using the Add/Edit Virtual Service Community

configuration page in the management tool.

340 User authentication, accounts, and addressing