Dell PowerConnect W Clearpass 100 Software D-Link DSA-3600 Integration Guide - Page 33

Appendix A - Per User Policy Definition via RADIUS

Get Dell PowerConnect W Clearpass 100 Software PDF manuals and user guides View all Dell PowerConnect W Clearpass 100 Software manuals
Add to My Manuals
Save this manual to your list of manuals

Page 33 highlights

Appendix A - Per User Policy Definition via RADIUS As mentioned in the Service Zone configuration section of the D-Link DSA-3600 configuration, RADIUS attributes can be used to trigger Per-User policy definitions used to drive the Guest access user experience. In this case we will use the amigopod RADIUS technology to manage the Per-User policy configuration and it will be implemented using amigopod User Roles. As with all amigopod deployments, User Roles can be configured to implement a wireless policy for each user once they have been authenticated. These roles definitions can be made up of both Standard RADIUS attributes as per RFC 2865 and also Vendor Specific Attributes (VSA) that enable vendors such as D-Link to extend their functionality and apply policies based on their value-add features. Amigopod has an extensive RADIUS dictionary of vendors and includes the full list of supported VSAs from D-Link. For more details on the definition and use of the D-Link VSA attributes please refer to the latest D-Link Application Note discussed in Appendix C. In order to setup up this centrally controlled RADIUS configuration of the Public Access interface there are two steps within the amigopod configuration that need to be addressed: • Create a User Role with the desired RADIUS Attributes • Define a test user that is part of this role to test out any Policy elements that have been configured. CONFIDENTIAL 33

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
CONFIDENTIAL
33
Appendix A – Per User Policy Definition via RADIUS
As mentioned in the
Service Zone
configuration section of the D-Link DSA-3600 configuration,
RADIUS attributes can be used to trigger Per-User policy definitions used to drive the Guest
access user experience.
In this case we will use the amigopod RADIUS technology to manage the Per-User policy
configuration and it will be implemented using amigopod
User Roles.
As with all amigopod deployments,
User Roles
can be configured to implement a wireless policy
for each user once they have been authenticated. These roles definitions can be made up of
both Standard RADIUS attributes as per RFC 2865 and also Vendor Specific Attributes (VSA)
that enable vendors such as D-Link to extend their functionality and apply policies based on
their value-add features.
Amigopod has an extensive RADIUS dictionary of vendors and includes the full list of supported
VSAs from D-Link. For more details on the definition and use of the D-Link VSA attributes
please refer to the latest D-Link Application Note discussed in
Appendix C
.
In order to setup up this centrally controlled RADIUS configuration of the Public Access
interface there are two steps within the amigopod configuration that need to be addressed:
Create a
User Role
with the desired RADIUS Attributes
Define a test user that is part of this role to test out any
Policy
elements that have been
configured.