MSM7xx Controllers Configuration Guide v6.4.0
Authentication
Local
User logins are authenticated with the list defined on the Controller >> Users > User accounts
page. Local user accounts use the authentication services of the internal RADIUS server which
supports the following 802.1X protocols: EAP-TLS, EAP-TTLS, and PEAPv0. Other protocols
may work but have not been tested.
Remote
• Active Directory: User logins are authenticated via Active Directory. To setup Active
Directory support go to the Controller >> Security > Active Directory page.
• RADIUS: User logins are authenticated via an external RADIUS server. The following
802.1X protocols are supported: EAP-MD5, EAP-TLS, EAP-TTLS, LEAP, PEAPv0, PEAPv1,
EAP-FAST, EAP-SIM, and EAP-AKA. (EAP-MD5 is not supported on VSCs that have WEP
with dynamic keys enabled.) Other protocols may work but have not been tested. To setup
the connection to an external RADIUS server, go to the Controller >> Authentication >
RADIUS profiles page.
◦ Request RADIUS CUI: Enable this option to support the Chargeable User Identity (CUI)
attribute as defined in RFC-4372. The CUI is used to associate a unique identifier
with a user so that the user can be identified (for billing, authentication or other
purposes) when roaming outside of their home network.
General
RADIUS accounting
Enable this option to have the controller generate a RADIUS START/STOP and interim request
for each user. The controller respects the RADIUS interim-update-interval attribute if present
inside the RADIUS access accept of the authentication.
Called-Station-ID content
(Only available when Access control is disabled under Global.)
Select the value that the AP (with which the user has established a wireless connection) will
return as the called station ID.
• Port 1: MAC address of the first Ethernet port on the AP.
• Port 2: MAC address of the second Ethernet port on the AP. (Not supported on all APs.)
• Wireless Radio: MAC address of the wireless radio on the AP on which this VSC is
operating.
802.1X authentication 337