Manualshelf

MSM7xx Controllers Configuration Guide v6.4.0

ManualsBrandsHP ManualsNetwork HardwareHP 425 Wireless Dual Radio 802.11n (WW) Access Point
551552553554555556557558559560
Example 5 Example 1
Assume that the controller is not behind a NATing device, and that its IP address is 192.168.4.2.
The subject DN in its SSL certificates is www.noc-cn3.com.
The Host HTTP header should be set to one of:
Host: www.noc-cn3.com:8090
Host: 192.168.4.2:8090
Example 6 Example 2
Assume that the controller is behind a NATting device. The device has the address 192.168.30.173,
and the controller has the address 192.168.4.2. A NAT mapping is defined on the NATting device
that redirects traffic received on port 8090 to 192.168.4.2:8090.
The login application must send its requests to 192.168.30.173, which results in a HTTP Host
header that contains one of the following:
Host: natting.device.com:8090
Host: 192.168.30.173:8090
When this request is forwarded to the controller, it is rejected. To solve the problem, the login
application must forge the host HTTP header. This is easily done by plugging in the values returned
by the %i, %a, and %p placeholders. For example:
Host: %i:%p
or
Host: %a,%p
The controller sends the username and password to the RADIUS server to authenticate the user. If
authentication is successful, the users IP address is used to grant wireless network access to the
users computer.
The controller returns a positive or negative answer for the user login, along with the relevant URLs
that may be needed by the login application in order to redirect the user to either a Welcome
page or a Login error page located on the Web server. This information is returned as standard
HTML. The login application must parse this information to retrieve the response. All possible
responses are described in the following section.
Returned values
The following examples show the information returned for various authentication conditions.
NOC authentication mode is not enabled
<HTML>
NOC_INFO_STATUS=NOC_STATUS_DISABLED
</HTML>
The controller did not receive the login applications SSL certificate
The login application did not send its certificate. Therefore, the request was rejected.
<HTML>
NOC_INFO_STATUS=NOC_STATUS_FAILURE
NOC_INFO_INT_ERR_MESSAGE=NOC_CANNOT_GET_PEER_CERT
</HTML>
Certificate mismatch
The login application sent an SSL certificate that does not match the one defined by
ssl-noc-certificate in the RADIUS profile for the controller.
<HTML>
NOC_INFO_STATUS=NOC_STATUS_FAILURE
NOC_INFO_INT_ERR_MESSAGE=NOC_CANNOT_GET_PEER_CERT
</HTML>
554 NOC authentication