|
Name
|
Specifies a name for the RADIUS attributes policies.
|
Enter a name for the RADIUS attributes policies.
|
|
Description
|
Describes the RADIUS attributes policies.
|
Enter a brief description for the RADIUS attributes policies.
|
|
Location Group
|
Specifies the location groups for the RADIUS attributes
policies.
|
Select the location group from the Non-member list and
click Add to move them to the Members list.
Note:
To apply the policy to all location groups, do not add
any location groups and leave the default setting (all) listed in
the Selected Location Groups list.
|
|
Enable Open port
|
Disables assigning endpoints to a VLAN or returning any
RADIUS attributes.
|
Select this option to disable all other RADIUS attributes
options.
|
|
Enable VLAN
|
Enables VLAN assignment according to RFC 3580 by returning
the RADIUS tunnel attributes to the network access device.
|
Select this option to configure VLAN assignment.
Note:
Selecting this option is equivalent to manually specifying
the three RFC 3580 RADIUS tunnel attributes in the Enable Return Attribute
section.
|
|
VLAN
|
Specifies the existing VLAN ID on the network infrastructure
that you want to use for the role(s) to which this policy applies.
|
Specify the existing VLAN ID.
|
|
Enable Return Attribute
|
Enables the return-attribute option.
|
Select this option to enable return attributes.
|
|
return-attribute
|
Specifies the return attributes to be sent to the network
access device.
|
Click return-attribute and
add the return attribute.
- From the Attribute drop-down list, select the
return attribute you want to send.
- For Value, enter the value for the selected attribute,
and then click OK.
|
|
Enable addition of Session-Timeout attribute with value
equal to the Session Lifetime
|
Sends the Infranet Controller a session timeout value
equal to the timeout value of the configured session length on all
RADIUS accepts.
|
Clear this check box to prevent the Infranet Controller
from sending a session timeout value equal to the timeout value of
the configured session length on all RADIUS accepts. This allows you
to set the reauthentication timer statically on the switch port, if
required
|
|
Interface
|
Specifies the Infranet Controller network interface for
use by endpoints using RADIUS attributes policies to connect to the
Infranet Controller.
|
- Select Automatic to use VLAN
tagging . You must also connect the Infranet Controller internal interface
to the trunk port on a VLAN-enabled switch that sees all of the VLAN
traffic.
- Select Internal if the endpoints
using RADIUS attributes policies should use the IP address of the
Infranet Controller's internal interface.
- Select External if the endpoints
on the configured VLAN should use the IP address of the Infranet Controller's
external interface.
|
|
Applies to Roles
|
Specifies the roles to which the policies apply.
|
- Select Policy applies to ALL roles to apply this policy to all users.
- Select Policy applies to SELECTED roles to apply this policy only to users who are mapped to roles in the
Members list.
- Select Policy applies to all roles OTHER
those selected to apply this policy to all users except
for those who map to the roles in the Members list.
|
|
Role Selection
|
Lists the members and non—members for applying
the policy.
|
Select the role from the Non-members list and click Add to move them to the Members list.
|
