Manualshelf

MSM7xx Controllers Configuration Guide v6.4.0

ManualsBrandsHP ManualsNetwork HardwareHP 425 Wireless Dual Radio 802.11n (JP) Access Point
341342343344345346347348349350
The MAC address sent by the controller or controlled AP in the RADIUS REQUEST packet for
both username and password is 12 hexadecimal numbers in the format defined on the Controller
>> Authentication > MAC format page. See “Configuring MAC address format” (page 347).
The RADIUS server will reply to the REQUEST with either an ACCEPT or REJECT RADIUS
RESPONSE packet. In the case of an ACCEPT, the RADIUS server can return the session-timeout
RADIUS attribute (if configured for the account). This attribute indicates the amount of time, in
seconds, that the authentication is valid for. When this period expires, the controller or controlled
AP will re-authenticate the wireless station.
Request RADIUS CUI: Enable this option to support the Chargeable User Identity (CUI)
attribute as defined in RFC-4372. The CUI is used to associate a unique identifier with a
user so that the user can be identified (for billing, authentication or other purposes) when
roaming outside of their home network.
General
RADIUS accounting
Enable this option to have the controller generate a RADIUS START/STOP and interim request
for each user. The controller respects the RADIUS interim-update-interval attribute if present
inside the RADIUS access accept of the authentication.
Called-Station-ID content
(Only available when Access control is disabled under Global)
Select the value that the AP (with which the user has established a wireless connection) will
return as the called station ID.
Port 1: MAC address of the first Ethernet port on the AP.
Port 2: MAC address of the second Ethernet port on the AP. (Not supported on all APs.)
Wireless Radio: MAC address of the wireless radio on the AP on which this VSC is
operating.
BSSID: Basic service set ID of the wireless network defined for this VSC.
macaddress:ssid: The MAC address of the AP radio, followed by a colon, followed by
the SSID configured on this VSC.
Configuring MAC-based authentication on an HP 517 or MSM317 switch port
If a switch port on the HP 517 or MSM317 is not bound to a VSC then MAC-based authentication
can be enabled on the switch port. Select Controlled APs > [HP 517 or MSM317 AP] >>
Configuration > Switch ports > [switch-port ] in the management tool.
MAC authentication tasks are handled by the HP 517 or MSM317. The HP 517 or MSM317 uses
the services of a third-party RADIUS server (configured by defining a RADIUS profile on the Controller
>> Authentication > RADIUS profiles page) to validate user login credentials.
MAC-based authentication 343