D-Link DWS-1008 Cli Reference Manual page 137
8 port 10/100 wireless switch with power over ethernet
Hide thumbs
Also See for DWS-1008:
- Cli reference manual (531 pages) ,
- Product manual (502 pages) ,
- User manual (454 pages)
Table of Contents
Advertisement
DWS-1008 CLI Reference Guide
method1
method2
method3
method4
Defaults: By default, authentication is unconfigured for all clients with network access through
AP ports or wired authentication ports on the switch. Connection, authorization, and
accounting are also disabled for these users. Bonded authentication is disabled by
default.
Access: Enabled.
Usage: You can configure different authentication methods for different groups of users by
"globbing."You can configure a rule either for wireless access to an SSID, or for wired
access through a switch's wired authentication port. If the rule is for wireless access
to an SSID, specify the SSID name or specify any to match on all SSID names. If the
rule is for wired access, specify wired instead of an SSID name.
D-Link Systems, Inc.
• eap-tls - EAP with Transport Layer Security (TLS):
• Provides mutual authentication, integrity-protected
negotiation, and key exchange
• Requires X.509 public key certificates on both sides of
the connection
• Provides encryption and integrity checking for the
connection
• Cannot be used with RADIUS server authentication
• peap-mschapv2 - Protected EAP (PEAP) with Microsoft
Challenge Handshake Authentication Protocol version 2
(MS-CHAP-V2). For wireless clients:
• Uses TLS for encryption and data integrity checking
and server-side authentication
• Provides MS-CHAP-V2 mutual authentication
• Only the server side of the connection needs a
certificate.
The wireless client authenticates using TLS to set up an
encrypted session. Then MS-CHAP-V2 performs mutual
authentication using the specified AAA method.
• pass-through - MSS sends all the EAP protocol processing to a
RADIUS server.
At least one and up to four methods that MSS uses to handle
authentication. Specify one or more of the following methods in
priority order. MSS applies multiple methods in the order you
enter them.
A method can be one of the following:
• local - Uses the local database of usernames and user
groups on the switch for authentication.
• server-group-name - Uses the defined group of
RADIUS servers for authentication. You can enter up to
four names of existing RADIUS server groups as
methods.
RADIUS servers cannot be used with the EAP-TLS
protocol. For more information, see "Usage."
AAA Commands
136
Advertisement
Table of Contents
