Detailed instructions for use are in the User's Guide.
[. . . ] .
ELITECONNECT WLAN SECURITY SYSTEM
Full authentication support--supports RADIUS, LDAP, 802. 1x, Kerberos, Windows NT/2000 domain and built-in database. VPN support allows secure wireless communications to and from wireless clients. Rights-based network access increases network security by providing network administrators full control on users' access to a network, based on user identification, location, and time. Web-based configuration is easy-to-use, convenient and provides simple configuration management. [. . . ] If you use LDAP, RADIUS, or Kerberos authentication, these fields are not available. The User Manager shows the new user, as shown in Figure 6-40 on page 6-35.
Step 6.
New User Added
Figure 6-40. New User Added in User Manager
EliteConnect WLAN Security System User Manual
6-35
6. 6. 2
Modifying a User's Characteristics
You might want to change or add a user's group membership to associate the user with a group with a different set of rights. To modify a user's name, group membership, or password:
Step 1.
In the Users Manager, as shown in Figure 6-40 on page 6-35, click the user you want to modify. The User Editor appears, as shown in Figure 6-41 on page 6-36.
Figure 6-41. Step 4.
Make the changes that you require in the User Editor, such as group membership or password. The user's characteristics are modified.
6. 6. 3
Deleting a User
To delete a user:
Step 1.
From the User Manager Screen, as shown in Figure 6-42 on page 6-37, click the user you want to delete.
6-36
Configuring the Rights Manager
Click User to Delete
Figure 6-42. Selecting a User to Delete
Step 2.
The User Editor screen appears, as shown in Figure 6-43 with the name of the user you selected.
Figure 6-43. User Editor With User Selected
Step 3.
To delete this user, click Delete. The Delete Confirmation screen, as shown in Figure 6-44 on page 6-38 appears.
EliteConnect WLAN Security System User Manual
6-37
Figure 6-44. User Delete Confirmation Screen
Step 4.
If you want to delete the user, click Yes. Otherwise, click No.
6. 6. 4
Adding a MAC Address as a User
You can add a specific MAC address as a user. Typical applications for this feature include an Access Point, a server running without user intervention, a wireless device without SSL capability, or a specific user who does not want to log on.
Note: The MAC address does not have to belong to any group.
Step 1.
In the User Manager screen, click New User. The User Editor appears, as shown in Figure 6-45 on page 6-38.
Figure 6-45. Step 3.
Type the MAC address in the User Name text box, as shown in Figure 646. User Editor with MAC Address for User Name
Step 4.
Click Update. The User Manager shows the MAC address added as a user, as shown in Figure 6-47.
EliteConnect WLAN Security System User Manual
6-39
MAC Address Added
Figure 6-47. User Manager Showing MAC Address Added
Note:
If you wanted to give the MAC address user special rights that the Implicit User group does not have, add the MAC address user to a particular Normal group. You must allow that Normal group at the locations that you want those rights to apply.
6. 7
Enforcing Authentication
SMC uses the following authentication services: · Built-in (the default service created by SMC) · LDAP · RADIUS · Kerberos The Built-in service is available if you choose not use the other authentication services in place. Depending on your enterprise network, you might use one or more of these authentication services, or you might have back-up servers if your primary service is not available. To choose your authentication method:
Step 1.
Start with the Rights Manager Screen, as shown in Figure 6-48 on page 641, and click Authentication.
6-40
Configuring the Rights Manager
Click
Figure 6-48. Clicking Authentication from User Manager Screen
If you are choosing an Authentication service for the first time, you see the Built-in method screen, as shown in Figure 6-49 on page 6-41. [. . . ] a means of proving that a client is who it claims to be through use of a password or shared secret. a logical function of the WLAN Secure Server that performs two functions: 1) Coordinates between the WLAN Access Managers and the Rights Manager 2) Coordinates WLAN Access Manager-to-WLAN Access Manager communications, such as a roaming handoff. a timer that determines how long before a a user must re-authenticate. the Rights Manager location that a client belongs to if it does not associate with any other location. [. . . ]