Configuring WISPr Authentication

TheWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.authentication profile includes parameters to defineRADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.attributes, default roles for authenticatedWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.users, the maximum number of authentication failures, and login wait times. TheWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.-Location-ID, sent fromMobility Masterto theWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.server,is the concatenation of the International Organization for Standardization Country Code, E.164 Country Code, E.164 Area Code, andSSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.or Zone parameters configured in this profile.

The parameters used to defineWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.attributes are specific to theRADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.server yourISPInternet Service Provider. An ISP is an organization that provides services for accessing and using the Internet.uses forWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.authentication; contact yourISPInternet Service Provider. An ISP is an organization that provides services for accessing and using the Internet.to determine these values. You can find a list of International Organization for Standardization and International Telecommunication Union country and area codes at the International Organization for Standardization and International Telecommunication Union websites( www. iso.org)and http://www. itu.int.)

The following procedure describes how to configure aWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.authentication profile:

1.In theManaged Networknode hierarchy, navigate to theConfiguration > Authenticationpage.

2.SelectWISPr Authenticationfrom theL3 Authenticationtab.

3.UnderWISPr Authentication Profile: New Profile, click the+to add a new profile entry. To modify an existingWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.authentication profile, select a profile entry belowWISPr Authenticationin theAll Profileslist.

4.Enter aProfile name.

5.Define values for the following parameters:

Table 1:WISPr Authentication Profile Parameters

Parameter	Description
Default Role	Default role assigned to users that completeWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.authentication.
Max Authentication failures	Maximum number of failedWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.authentication attempts permitted for each user.
User Agent String	User agent that identifies and provides details on the browser used during anHTTPHypertext Transfer Protocol. The HTTP is an application protocol to transfer data over the web. The HTTP protocol defines how messages are formatted and transmitted, and the actions that the w servers and browsers should take in response to various commands.request
Logon wait minimum wait	If thecontroller’sCPUCentral Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions.utilization has surpassed theLogin wait CPU utilization threshold value,Logon wait minimum waitparameter defines the minimum number of seconds a userhas to wait to retry a login attempt. Range: 1–10 seconds. Default: 5 seconds.
Logon wait maximum wait	If thecontroller’sCPUCentral Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions.utilization has surpassed theLogin wait CPUutilization thresholdvalue, theLogon wait maximum waitparameter defines the maximum number of seconds a userhas to wait to retry a login attempt. Range: 1–10 seconds. Default: 10 seconds.
Logon wait CPU utilization threshold	Percentage ofCPUCentral Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions.utilization at which the maximum and minimum login wait times are enforced. Range: 1–100%. Default: 60%.
WISPr Location-ID ISO Country Code	The International Organization for Standardization Country Code section of theWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.Location ID.
WISPr Location-ID E.164 Country Code	的E.164国家代码部分WISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.Location ID.
WISPr Location-ID E.164 Area Code	The E.164 Area Code section of theWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.Location ID.
WISPr Location-ID SSID/Zone	TheSSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.or Zone section of theWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.Location ID.
WISPr Operator Name	Name identifying thehotspot热点是指一个WLAN节点提供实习生et connection and virtual private network (VPN) access from a given location. A business traveler, for example, with a laptop equipped for Wi-Fi can look up a local hotspot, contact it, and get connected through its network to reach the Internet.operator.
WISPr Location Name	Name identifying thehotspot热点是指一个WLAN节点提供实习生et connection and virtual private network (VPN) access from a given location. A business traveler, for example, with a laptop equipped for Wi-Fi can look up a local hotspot, contact it, and get connected through its network to reach the Internet.location. If no name is defined, the parameter uses the name of the associated AP.

6.ClickSubmit.

7.In theAll Profileslist, select theServer Groupentry below the WISPR authentication profile.

8.Select the group of RADIUS servers to be used for WISPr authentication from theServer Groupdrop-down list.

9.To enable authentication fail through and load balancing, select the check boxes forFail ThroughandLoad Balance.

10.ClickSubmit.

11.SelectPending Changes.

12.In thePending Changeswindow, select the check box and clickDeploy changes.

A Boingo smart client uses aNASNetwork Access Server. NAS provides network access to users, such as a wireless AP, network switch, or dial-in terminal server.identifier in the format _ for location identification. To support Boingo clients, you must also configure theNASNetwork Access Server. NAS provides network access to users, such as a wireless AP, network switch, or dial-in terminal server.identifier parameter in the Radius server profile for theWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.server

The followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands configureWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.authentication. The first set of commands defines theRADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.server used forWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.authentication, and the second set adds that server to a server group. The third set of commands associates that server group with theWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.authentication profile, then defines the profile settings.

(host) [md] (config) #aaa authentication-server radius

acctport

authport

clone

enable

enable-ipv6

enable-radsec

host

key

nas-identifier

nas-ip

retransmit

timeout

使用ip-for-calling-station

use-md5

(host) [md] (config) #aaa server-group

allow-fail-through

auth-server [match-authstring {contains |equals |starts-with ][match-fqdn {all|}][position ][trim-fqdn]

clone

load-balance

set {role|vlan} condition [contains |ends-with |equals |not-equals |starts-with ][value-of][set-value ][position ]

(host) [md] (config) #aaa authentication wispr

agent_string

clone

default-role

logon-wait {cpu-threshold |maximum-delay |minimum-delay }

max-authentication-failures

server-group

wispr-location-id-ac

wispr-location-id-cc

wispr-location-id-isocc

wispr-location-id-network

wispr-location-name-location

wispr-location-name-operator-name

The followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands display the servers and profiles configured forWISPrWireless Internet Service Provider Roaming. The WISPr framework enables the client devices to roam between the wireless hotspots using different ISPs.authentication:

(host) [md] #show aaa authentication-server radius

(host) [md] #show aaa server-group

(host) [md] #show aaa authentication wispr