Configuring the AAA Profile for Bridge

After you configure the sessionACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port., define theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile used for bridge. When defining theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.parameters, specify the previously configured user role that contains the sessionACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port.used for bridge.

If you enableRADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.accounting in theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile, theMobility Mastersends aRADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.accounting start record to theRADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.server when a user associates with theremote APRemote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link., and sends a stop record when the user logs out or is deleted from the user database. If you enable interim accounting, theMobility Mastersends updates at regular intervals. Each interim record includes cumulative user statistics, including received bytes and packets counters. For more information onRADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.accounting, see.

下面的过程介绍如何配置theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile for bridge:

1.In theManaged Networknode hierarchy, navigate to theConfiguration > System > Profilestab.

2.SelectWireless LAN > AAAunderAll Profiles.

3.Click+inAAA Profile.

4.Enter theProfile name.

5.Select the appropriate role (for example, “logon”) from theInitial roledrop-down list.

6.Select the user role you previously configured for split tunneling or bridge from the802.1X Authentication Default Roledrop-down list.

7.ClickSave.

8.Select theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile created and locate the802.1X Authentication Server Group, and select theServer Groupto be used (for example “default”) from the drop-down list.

9.ClickSave.

10.ClickPending Changes.

11.In thePending Changeswindow, select the check box and clickDeploy changes.

The followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands configures theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile for bridge:

(host) [mynode] (config) #aaa profile

(host) [mynode] (config) #authentication-dot1x

(host) [mynode] (config) #dot1x-default-role

(host) [mynode] (config) #dot1x-server-group

(host) [mynode] (config) #radius-accounting

(host) [mynode] (config) #radius-interim-accounting