Cisco Cisco Access Registrar 4.2 Dokumentacja Strona 307
- Strona / 636
- Spis treści
- ROZWIĄZYWANIE PROBLEMÓW
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
6-43
Cisco Wireless LAN Controller Configuration Guide
OL-13826-01
Chapter 6 Configuring WLANsWireless Device Access
Configuring WLANs
Configuring Conditional Web Redirect with 802.1X Authentication
You can configure a WLAN to redirect a user to a particular web page (under certain conditions) after
802.1X authentication has completed successfully. Such conditions might include the user’s password
reaching expiration or the user needing to pay his or her bill for continued usage. You can specify the
redirect page and the conditions under which the redirect occurs on your RADIUS server.
If the RADIUS server returns the Cisco AV-pair “url-redirect,” then the user is redirected to the specified
URL upon opening a browser. If the server also returns the Cisco AV-pair “url-redirect-acl,” the specified
access control list (ACL) is installed as a preauthentication ACL for this client. The client is not
considered fully authorized at this point and is only allowed to pass traffic allowed by the
preauthentication ACL.
After the client completes a particular operation at the specified URL (for example, changing a password
or paying a bill), the client must reauthenticate. When the RADIUS server does not return a
“url-redirect,” the client is considered fully authorized and allowed to pass traffic.
Note The conditional web redirect feature is available only for WLANs that are configured for 802.1X or
WPA+WPA2 Layer 2 security.
Once the RADIUS server is configured, you can then configure the conditional web redirect on the
controller using either the controller GUI or CLI.
Configuring the RADIUS Server
Follow these steps to configure your RADIUS server.
Note These instructions are specific to the CiscoSecure ACS; however, they should be similar to those for
other RADIUS servers.
Step 1 From the CiscoSecure ACS main menu, click Group Setup.
Step 2 Click Edit Settings.
Step 3 From the Jump To drop-down menu, choose RADIUS (Cisco IOS/PIX 6.0). The window shown in
Figure 6-20 appears.
- Configuration Guide 1
- CONTENTS 3
- Contents 10
- OL-13826-01 10
- Audience 22
- Organization 22
- Conventions 23
- Related Publications 25
- Overview 27
- Chapter 1 Overview 28
- Single-Controller Deployments 29
- Operating System Software 31
- Operating System Security 31
- Operational Requirements 33
- Configuration Requirements 33
- Controller Platforms 34
- Features Not Supported 35
- Cisco 4400 Series Controllers 36
- Cisco UWN Solution WLANs 40
- Identity Networking 40
- File Transfers 42
- Power over Ethernet 42
- Startup Wizard 43
- Rogue Access Points 47
- • Using the CLI, page 2-7 49
- Guidelines for Using the GUI 50
- Opening the GUI 50
- Using the CLI 55
- Logging Out of the CLI 56
- CLI Interfaces 57
- Controller console 61
- Distribution System Ports 62
- Interfaces 63
- Management Interface 64
- AP-Manager Interface 64
- Virtual Interface 65
- Service-Port Interface 66
- Dynamic Interface 66
- Service-Port Interfaces 68
- Configuring Ports 76
- Configuring Port Mirroring 80
- Enabling Link Aggregation 87
- Link Aggregation Guidelines 89
- Step 3 Reboot the controller 92
- Connecting Additional Ports 98
- Before You Start 100
- Configuring 802.11 Bands 106
- Configuring DHCP Proxy 116
- Configuring RADIUS Settings 117
- Configuring SNMP 118
- Enabling System Logging 124
- Enabling 802.3x Flow Control 124
- Configuring 802.3 Bridging 127
- Configuring Multicast Mode 129
- Configuring Client Roaming 134
- Intra-Controller Roaming 135
- Inter-Controller Roaming 135
- Inter-Subnet Roaming 135
- CCX Layer 2 Client Roaming 136
- Call Admission Control 146
- Expedited Bandwidth Requests 147
- Traffic Stream Metrics 148
- Figure 4-19 Clients Page 152
- (see Figure 4-25) 156
- Configuring EDCA Parameters 162
- Configuring RFID Tag Tracking 173
- General WiSM Guidelines 181
- Configuring the Supervisor 182
- Cisco UWN Solution Security 186
- Layer 3 Solutions 187
- Rogue Access Point Solutions 187
- Configuring TACACS+ 188
- Configuring LDAP 203
- Configuring Local EAP 207
- Figure 5-16 Local EAP Example 208
- Configuring DHCP Option 82 220
- Validating SSIDs 221
- Guidelines for Using MFP 234
- Identity Networking Overview 242
- ACL-Name 243
- Interface-Name 243
- VLAN-Tag 244
- Tunnel Attributes 244
- Configuring AAA Override 245
- Configuring IDS 248
- Viewing Shunned Clients 251
- Configuring IDS Signatures 252
- Configuring AES Key Wrap 260
- WLAN Overview, page 6-2 265
- Configuring WLANs, page 6-2 265
- WLAN Overview 266
- Configuring WLANs 266
- Using the GUI to Create WLANs 267
- Using the CLI to Create WLANs 269
- Configuring DHCP 270
- Security Considerations 271
- Configuring DHCP Scopes 273
- Enabling MAC Filtering 276
- Creating a Local MAC Filter 276
- Assigning WLANs to Interfaces 277
- Configuring Layer 2 Security 280
- WPA1 and WPA2 282
- Configuring a Session Timeout 287
- Configuring Layer 3 Security 288
- VPN Passthrough 289
- Web Authentication 289
- Configuring QoS Enhanced BSS 293
- Configuring IPv6 Bridging 296
- Configuring WLAN Override 301
- Creating Access Point Groups 304
- Configuring the RADIUS Server 307
- External Antenna Connectors 316
- Antenna Sectorization 317
- Wireless Mesh 320
- Configuring Mesh Parameters 324
- MESH MESH 331
- MESH MESH MESH 331
- MESHMESH 331
- Figure 7-10 All APs Page 334
- Figure 7-12 All APs Page 340
- Background Scanning Scenarios 344
- Channel 1 = 153 345
- Channel 2 = 161 345
- Routing Around Interference 346
- Authorizing Access Points 349
- Using DHCP Option 43 351
- • Type: 0xf1 (decimal 241) 352
- Lightweight Mode 356
- Local Core Files: 357
- Cisco Workgroup Bridges 359
- Guidelines for Using WGBs 360
- Sample WGB Configuration 362
- Figure 7-24 Clients Page 363
- Configuring Country Codes 367
- -U Regulatory Domain 373
- Guidelines for Migration 374
- Dynamic Frequency Selection 376
- Access Points 377
- Figure 7-30 Inventory Page 378
- Performing a Link Test 379
- Figure 7-32 Clients Page 380
- Figure 7-33 Link Test Page 381
- Configuring Flashing LEDs 384
- Viewing Clients 385
- Using the CLI to View Clients 388
- Configurations 391
- Upgrading Controller Software 392
- Downloading CA Certificates 400
- Uploading PACs 402
- Using the GUI to Upload PACs 403
- Using the CLI to Upload PACs 403
- Uploading Configuration Files 404
- Saving Configurations 408
- Resetting the Controller 409
- Managing User Accounts 411
- Creating Guest User Accounts 412
- Viewing Guest User Accounts 416
- Web Authentication Process 417
- Configuration Overview 434
- Configuration Guidelines 435
- Configuring Radio Resource 443
- Radio Resource Monitoring 444
- Dynamic Channel Assignment 445
- Overview of RF Groups 447
- Configuring an RF Group 448
- Viewing RF Group Status 450
- Figure 10-3 All APs Page 453
- Configuring Dynamic RRM 456
- Table 10-1 RRM Parameters 457
- Overriding Dynamic RRM 466
- Radio Measurement Requests 472
- Location Calibration 472
- Configuring Pico Cell Mode 476
- Overview of Mobility 484
- Overview of Mobility Groups 487
- Configuring Mobility Groups 490
- Prerequisites 491
- Running Mobility Ping Tests 508
- Overview of Hybrid REAP 510
- Hybrid REAP Guidelines 512
- Configuring Hybrid REAP 513
- Figure 12-6) 520
- Safety Considerations and 529
- Translated Safety Warnings 529
- Safety Considerations 530
- Warning Definition 530
- Varoitus 531
- Attention 531
- Avvertenza 531
- Advarsel 531
- ¡Advertencia! 532
- Varning! 532
- Class 1 Laser Product Warning 533
- Produto a laser de classe 1 534
- Klasse 1 laserprodukt 534
- Ground Conductor Warning 535
- Waarschuwing 546
- Controllers 551
- Information 555
- Statement 556
- Canadian Compliance Statement 557
- • Safety: EN 60950 558
- • Radio: EN 301.893 559
- Japanese Translation 560
- English Translation 560
- All Access Points 561
- End User License and Warranty 565
- End User License Agreement 566
- Limited Warranty 568
- Disclaimer of Warranty 570
- Additional Open Source Terms 571
- Troubleshooting 573
- Interpreting LEDs 574
- System Messages 574
- Monitoring Memory Leaks 582
- Diagnostic Channel 584
- Client Reporting 584
- Figure D-3) 591
- Using the Debug Facility 599
- Logical Connectivity Diagrams 605
- Cisco WiSM 606
- Controller Switch 608
- • debug wcp ? 609
- Numerics 611
© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.046 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji