Configuring Dynamic Authorization Server Support

DAS helps secure your network by forcing the disconnection of any mobile device from your network. Typically, you would want to disconnect any unwelcome or unauthorized mobile device from your network. The “disconnect message” that is defined in RFC 3576 is enforced by the DAS support. If an unauthorized mobile device is detected on the network, the DAS client sends a disconnect packet, forcing the mobile device off the network. Your DAS client can be an integration with ExtremeControl or another third-party application, including RADIUS applications. For more information, see NAC Integration with the Wireless WLAN.

DAS support is available to all physical interfaces of the controller, and by default DAS listens to the standard-specified UDP port 3799.

To Configure Dynamic Authorization Server Support:

  1. From the top menu, click VNS.
  2. In the left pane, click Global > DAS.
    Click to expand in new window
    Global DAS Settings
    Graphics/GlobalSettings_DAS.png
  3. In the Port box, type the UDP port you want DAS to monitor. By default, DAS is configured for the standard-specified UDP port 3799. It is unlikely this port value needs to be revised.
  4. In the Replay Interval box, type how long you want DAS to ignore repeated identical messages. By default, DAS is configured for 300 seconds.

    This time buffer helps defend against replay network attacks.

  5. To save your changes, click Save.