NAS Clients
The NAS Clients screen displays all configured NAS Clients and is used to create, edit, and delete NAS Clients. NAS acts as a gateway to guard access to a network resource. A client connects to the NAS, and the NAS then connects to an Authentication Server to determine whether or not the client’s supplied credentials are valid. The NAS then allows or denies access to the network resource. The network device in the infrastructure attaching with wired or wireless clients will act as a NAS client, communicating to UPAM which acts as an Authentication Server.
To access the NAS Clients screen, click on Network Access > UPAM-NAC > NAS Clients under the “Configure” section of the OmniVista Cirrus Menu.
Creating a NAS Client
There is a pre-configured default NAS Client profile (“All Managed Devices”) designated for each Organization. You can edit the default NAS Client profile or create a new one.
To add a NAS Client, click on Create NAS Client to open the Create NAS Client form. Complete the following sections of the form, then click Create when you are finished.
Basic Information - Configure the NAS name, IP Addresses, DM-Attribute, COA-Attribute and description.
Shared Secret - Configure the shared secret used by the NAS client to communicate with the Authentication Server. It is highly recommended that you change the default shared secret for NAS clients.
Basic Information
NAS Name - The name of the NAS Client.
Start IP Address (v4) - The starting IP of the NAS Client segment.
End IP Address (v4) - The ending IP of the NAS Client segment.
DM-Attribute - The DM message is used to disconnect subscriber sessions in the system from a RADIUS server. The DM request message should contain necessary attributes (User Name/Calling Station ID) to identify the subscriber session.
User Name - The value should exactly match the subscriber name of the session.
Calling Station ID - The value should match the subscriber ID.
COA-Attribute - The COA message is used to Change of Authentication (COA) in the system from the Radius Server. The COA request message should contain necessary attributes (Username/Calling Station ID) to identify the changes.
Shared Secret
Shared Secret - Configure the shared secret used by the NAS client to communicate with the Authentication Server.
Confirm Shared Secret - Enter the Shared Secret again to confirm.
If you change the shared secret used by the NAS client, then you must also update the shared secret of the UPAM RADIUS Server. The NAS client and UPAM RADIUS Server must use the same shared secret to ensure that RADIUS traffic from the NAS client is authorized.
View Additional Information of a NAS Client
Select the NAS Client name in the list and click on the Additional Information icon to view additional information of the NAS Client data.
Editing a NAS Client
Select a NAS Client entry, then click on Actions and select Edit from the drop-down menu or click on the Edit icon under the “Actions” column next to the NAS Client entry.
Edit the field(s) as described above, then click on Save.
Modifying the default “All Managed Devices” NAS Client will affect all managed devices.
Deleting a NAS Client
Select a NAS Client entry, then click on Actions and select Delete from the drop-down menu or click on the Delete icon under the “Actions” column next to the NAS Client entry. Click Delete at the Confirmation Prompt.
Note that you cannot delete the default “All Managed Devices” NAS Client profile entry.