hs-nai-realm
Use the hs-nai-realm command from the hotspot context to
configure the NAI Realm for the hotspot.
hs-nai-realm
(add|delete
NAI Realm EAP_method[ EAP_method] ,*) | (delete
NAI Realm)
Parameters
add|delete
NAI Realm EAP_method[
EAP_method],* |
The the NAI (Network Access Identification) Realms list is a
FQDN of the service provider. This is a list of realms that can be successfully
authenticated. Each realm can have up to 8 supported EAP methods. Valid EAP Methods
include:
- EAP-TLS
- EAP-TTLS-PAP
- EAP-TTLS-CHAP
- EAP-SIM-SIM
- EAP-TTLS-MSCHAP
- EAP-TTLS-MSCHAPv2
- EAP-AKA2-USIM
- EAP-AKA-USIM
|
Usage
Consider the following
when configuring an NAI Realm list for each hotspot:
- Add all realms that can authenticate a mobile device‘s log on
credentials or certificate credentials, including the realms of all roaming partners
that are accessible from the hotspot AP. Include the realm of the home SP.
- Add a realm for the PLMN ID. This is the cellular network identity based on public
land mobile network (PLMN) information.
- You can configure the EAP method list to support devices that do not know the EAP
methods that are being used by a given service provider.
- If the device has been provisioned with the home service provider, the device does not
need to use the EAP methods in the NAI Realm List. The mobile device knows the EAP
method required to authenticate against its home service provider and automatically uses
it.
- Keep your DNS server records up to date, so that mobile devices can resolve the server
domain names (FQDN).
For more information, see the ExtremeWireless
User Guide.
Examples
EWC.extremenetworks.com:wlans:hs:hotspot# hs-nai-realm add LS620 EAP-TLS