Defining User Pools

About this task

A user pool defines policies for individual user access to local (controller, service platform or Access Point managed) RADIUS resources. User pools are a convenient means of providing RADIUS resources based on the pool's unique permissions (temporary or permanent). A pool can contain a single user or group of users.

To configure a RADIUS user pool and unique user IDs:

Procedure

  1. Select Configuration → Services → RADIUS from the main menu.
  2. Select User Pools.
    The RADIUS User Pool screen lists the default pool along with any other admin created user pool.
    Click to expand in new window
    RADIUS User Pool Screen
    GUID-083E8ED9-A4DB-41E5-92EF-F3639815CE6F-low.png
  3. Click Add to create a new RADIUS user pool, Edit to modify the configuration of an existing pool, or Delete to permanently remove a selected pool.
  4. If you are creating a new pool, assign it a name up to 32 characters and click Continue.
    The name should be representative of the users comprising the pool and/or the temporary or permanent access privileges assigned.
    Click to expand in new window
    RADIUS User Pool - User Pools - Details Screen
    GUID-F28E3D39-CEEA-4AA1-821B-41E60B11B9E5-low.png
  5. Refer to the following User Pool configurations.

    They define when specific user IDs have access to the access point's RADIUS resources.

    User IDThe unique string identifying this user. This is the ID assigned to the user when created and cannot be modified with the rest of the configuration.
    Guest UserSpecifies (with a green check) the user has guest access and temporary permissions to the local RADIUS server. The terms of the guest access can be set uniquely for each user. A red “X” designates the user as having permanent access to the local RADIUS server.
    Group The group name each configured user ID is a member.
    Email ID

    The configured E-mail ID for this user. This is the address used when communicating with users in this pool.

    Telephone

    The configured telephone number for this user. This is the number used when communicating with users in this pool.

    Start Date

    The month, day and year the listed user ID can access the access point‘s internal RADIUS server resources.

    Start Time

    The time the listed user ID can access the internal RADIUS server. The time applies only to the range defined by the start and expiry date.

    Expiry Date

    The month, day and year the listed user ID can no longer access the internal RADIUS server.

    Expiry Time

    The time the listed user loses access to internal RADIUS server resources. The time applies only to the range defined by the start and expiry date.

    Access Duration (days:hrs:mins:secs)The amount of time a user is allowed access when time-based access privileges are applied. The duration cannot exceed 365 days.
    Data Limit (KB)The total amount of bandwidth (in kilobytes) consumable by each guest user.
    Committed Downlink Rate (kbps)The download speed (in kilobytes) allocated to the guest user. When bandwidth is available, the user can download data at the specified rate. If a guest user has a bandwidth based policy and exceeds the specified data limit, their speed is throttled to the Reduced Downlink Rate.
    Committed Uplink Rate (kbps)The upload speed (in kilobytes) allocated to the guest user. When bandwidth is available, the user can download data at the specified rate. If a guest user has a bandwidth based policy and exceeds the specified data limit, their speed is throttled to the Reduced Uplink Rate.
    Reduced Downlink Rate (kbps)The reduced speed the guest utilizes (in kilobytes) when exceeding their specified data limit, if applicable. If a guest user has a bandwidth based policy and exceeds the specified data limit, their speed is throttled to the Reduced Downlink Rate.
    Reduced Uplink Rate (kbps)The reduced speed the guest utilizes (in kilobytes) when exceeding their specified data limit, if applicable. If a guest user has a bandwidth based policy and exceeds the specified data limit, their speed is throttled to the Reduced Uplink Rate.
  6. Click Add to add a new RADIUS user, Edit to modify the configuration of an existing user or Delete to remove an existing user ID.

    Select a RADIUS user and click Copy to make a copy of the user to make further modifications or use Rename to rename the existing RADIUS user.

    Click to expand in new window
    RADIUS User Pool - Add/Edit - Users Screen
    GUID-C63AA627-770A-4F9A-A437-120CA6EE16AF-low.png
  7. Refer to the following settings to create a new user with unique access privileges:
    User IDAssign a unique character string identifying this user. The ID cannot exceed 64 characters.
    PasswordProvide a password unique to this user ID. The password cannot exceed 32 characters. Select the Show checkbox to expose the password‘s actual character string. Otherwise the password displays as a string of asterisks (*).
    Guest UserSelect the check box to designate this user as a guest with temporary access. The guest user must be assigned unique access times to restrict their access.
    Group If the user has been defined as a guest, use the Group drop-down menu to assign the user a group with temporary access privileges. If the user is defined as a permanent user, select a group from the group list. If no groups are relevant to the user‘s intended access, select the Create link (or icon for guests) and create a new group configuration suitable for the user's membership.

    For more information, see Creating RADIUS Groups.

    Email ID

    Set the email ID for this user.

    Telephone

    Specify the telephone number for this user.

    Specify the 12-character maximum telephone number of the client user (user ID) requesting authentication validation to the controller or service platform using this user pool.

  8. Refer to the following Time settings to define time-based guest user access privileges:
    Start DateEnter a start date, or use the calendar icon to select a starting date for the user's credentials to start working.
    Start TimeEnter a start time, or use the spinner controls to select a starting time for the user's credentials to start working. Use the AM and PM buttons to apply a morning or afternoon/evening designation.
    Expiry DateEnter an end date, or use the calendar icon to define an expiration date for the user's credentials. Selecting this option enables the Till Expiry radio button.
    Expiry TimeIf you are using the Till Expiry option, enter an end time, or use the spinner controls to select an ending time for the user's credentials to expire. Use the AM and PM buttons to apply a morning or afternoon/evening designation.
    Access DurationSpecify the time a user can access the system when time based access privilege are applied. Select Till Expiry to allow user access until their configured expiry date and time are met. To limit the time a user can access the captive portal during their configured time period, specify the Days, Minutes, and Seconds the user is allowed access. The Access Duration cannot exceed 365 days.
  9. To allow the guest user unlimited data usage, select Unlimited.
    To limit bandwidth, select Limited and refer to the Data field to create bandwidth based access privileges:
    Data LimitUse the spinner control to specify the maximum bandwidth consumable by the guest user. Once a value is configured, select the measurement as either GB (gigabytes) or MB (megabytes).
    Committed Downlink RateUse the spinner control to specify the download speed dedicated to the guest user. When bandwidth is available, the user can download data at the specified rate. Once a value is configured, select the measurement as either MBPS (Megabytes per second) or KBPS (Kilobytes per second). If a guest user has a bandwidth based policy and exceeds the specified data limit, their speed is throttled to the defined Reduced Downlink Rate.
    Reduced Downlink RateUse the spinner control to specify a reduced speed for guest operation when they have exceeded their specified data limit, if applicable. If a guest user has a bandwidth based policy and exceeds the specified data limit, their speed is throttled to the Reduced Downlink Rate. Once a value is configured, select the measurement as either MBPS (Megabytes per second) or KBPS (Kilobytes per second).
    Committed Uplink RateUse the spinner control to specify the upload speed dedicated to the guest user. When bandwidth is available, the user is able to upload data at the specified rate. Once a value is configured, select the measurement as either MBPS (Megabytes per second) or KBPS (Kilobytes per second). If a guest user has a bandwidth based policy and exceeds the specified data limit, their speed is throttled to the Reduced Uplink Rate.
    Reduced Uplink RateUse the spinner control to specify a reduced speed for guest operation when they‘ve exceed their specified data limit, if applicable. If a guest user has a bandwidth based policy and exceeds the specified data limit, their speed is throttled to the Reduced Uplink Rate. Once a value is configured, select the measurement as either MBPS (Megabytes per second) or KBPS (Kilobytes per second).
  10. Click OK to save the user's group membership configuration.
    Click Reset to revert to the last saved configuration.