Roles

A role is a set of network access services that can be applied at various points in a policy-enabled network. Roles are usually named for a type of user such as Student, Staff, or Guest. Often, role names will match the naming conventions that already exist in the organization. The role name should match filter ID values set up on the RADIUS servers.

The default non-authenticated (Default Unauth) role will be used while the client is not authenticated but able to access the network. The default authenticated role will be assigned to a client if it completes authentication successfully but the authentication process did not explicitly assign a role to the client.

The Default Unauth role lets you control access to sensitive information and protocols. After a wireless client authenticates, a default role is applied when:

The RADIUS server that authenticates the user does not specify a filter ID to apply to the user's session.
The filter ID returned by the RADIUS server does not correspond to a role defined for the group.

Note

Default roles are created on the Networks page.

A role can have no rules if the default action is sufficient. Rules are used only to provide different treatments for different packet types to which a single role is applied.

Roles

More Information