9.2.4.14. Trapeze

9.2.4.14.1. Generic

To have the Trapeze controller working with OpenNAC Enterprise, you need to define the RADIUS configuration and the proper service profiles.

RADIUS configuration

set radius server ON address 192.168.1.5 timeout 5 retransmit 3 deadtime 0 key secret
set server group ON-RADIUS members ON

Service Profiles

Here, we define two service profiles, one for the open ssid (OpenNAC-Public) and one for the WPA2-Enterprise SSID (OpenNAC-Secure):

set service-profile ON-Open ssid-name OpenNAC-Public
set service-profile ON-Open ssid-type clear
set service-profile ON-Open auth-fallthru last-resort
set service-profile ON-Open cipher-tkip enable
set service-profile ON-Open auth-dot1x disable
set service-profile ON-Open 11n mode-na required
set service-profile ON-Open attr vlan-name WLAN_REG

set service-profile ON-Secure ssid-name OpenNAC-Secure
set service-profile ON-Secure cipher-tkip enable
set service-profile ON-Secure cipher-ccmp enable
set service-profile ON-Secure wpa-ie enable
set service-profile ON-Secure rsn-ie enable
set service-profile ON-Secure 11n mode-na required
set service-profile ON-Secure attr vlan-name Wlan

set radio-profile default service-profile OpenNAC-Public
set radio-profile default service-profile OpenNAC-Secure

AAA configuration

Finally, we need to tie the service profiles with the proper AAA configuration.

set accounting dot1x ssid OpenNAC-Secure ** start-stop ON-RADIUS
set accounting mac ssid OpenNAC-Public * start-stop ON-RADIUS
set authentication mac ssid OpenNAC-Public * ON-RADIUS
set authentication dot1x ssid OpenNAC-Secure ** pass-through ON-RADIUS