Dell PowerConnect W Clearpass 100 Software ArubaOS Integration Guide - Page 16
Creating an RFC3576 Server Instance, Adding a AAA server group
View all Dell PowerConnect W Clearpass 100 Software manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 16 highlights
Amigopod and ArubaOS Integration Adding a AAA Server Group aaa server-group "Guest-Amigopod" auth-server "Amigopod" position 1 Application Note Figure 6 Adding a AAA server group Creating an RFC3576 Server Instance RFC3576 is an extension to the RADIUS standard that allows for a RADIUS server initiated control of an established RADIUS AAA session. The two primary functions of the RFC are represented by the following two messages: Disconnect messages: The RADIUS server sends a Disconnect-Request packet to terminate a user session on a NAS and removes all associated session context. The Disconnect-Request packet is sent to UDP port 3799 and it identifies the user session to be terminated by inclusion of the session identification attributes. Change of Authorization (CoA) messages: CoA-request packets contain information for dynamically changing session authorizations. Typically these messages are used to change the context of the user session. For ArubaOS, this means changing the user role that the current session is assigned. This feature enables many different business rules, such as bandwidth throttling after a quota is exceeded. Configuring an RFC3576 Server As part of the guest access solution addressed by this guide, Amigopod serves as the RFC3576 server and can perform the disconnect and CoA functions. Make these configurations in the RFC3576 server definition: The name of the RFC3576 server definition must be the IP address of the Amigopod. The Key must match the shared secret configuration that was defined for the RADIUS server. Aruba Networks, Inc. ArubaOS Configuration | 16