hs-nai-realm

Use the hs-nai-realm command from the hotspot context to configure the NAI Realm for the hotspot.

hs-nai-realm (add|delete NAI Realm EAP_method[ EAP_method] ,*) | (delete NAI Realm)

Parameters

add|delete NAI Realm EAP_method[ EAP_method],* The the NAI (Network Access Identification) Realms list is a FQDN of the service provider. This is a list of realms that can be successfully authenticated. Each realm can have up to 8 supported EAP methods. Valid EAP Methods include:
  • EAP-TLS
  • EAP-TTLS-PAP
  • EAP-TTLS-CHAP
  • EAP-SIM-SIM
  • EAP-TTLS-MSCHAP
  • EAP-TTLS-MSCHAPv2
  • EAP-AKA2-USIM
  • EAP-AKA-USIM

Usage

Consider the following when configuring an NAI Realm list for each hotspot:
  • Add all realms that can authenticate a mobile device‘s log on credentials or certificate credentials, including the realms of all roaming partners that are accessible from the hotspot AP. Include the realm of the home SP.
  • Add a realm for the PLMN ID. This is the cellular network identity based on public land mobile network (PLMN) information.
  • You can configure the EAP method list to support devices that do not know the EAP methods that are being used by a given service provider.
  • If the device has been provisioned with the home service provider, the device does not need to use the EAP methods in the NAI Realm List. The mobile device knows the EAP method required to authenticate against its home service provider and automatically uses it.
  • Keep your DNS server records up to date, so that mobile devices can resolve the server domain names (FQDN).

For more information, see the ExtremeWireless User Guide.

Examples

EWC.extremenetworks.com:wlans:hs:hotspot# hs-nai-realm add LS620 EAP-TLS