Cisco 2100 Series Configuration Manual page 236
Wireless lan controller
Hide thumbs
Also See for 2100 Series:
- Configuration manual (50 pages) ,
- Quick start manual (12 pages) ,
- Quick start manual (49 pages)
Table of Contents
Advertisement
Configuring Local EAP
config local-auth eap-profile cert-issuer {cisco | vendor} profile_name—If you specified
•
EAP-FAST with certificates, EAP-TLS, or PEAP, specifies whether the certificates that will be sent
to the client are from Cisco or another vendor.
config local-auth eap-profile cert-verify ca-issuer {enable | disable} profile_name—If you chose
•
EAP-FAST with certificates or EAP-TLS, specifies whether the incoming certificate from the client
is to be validated against the CA certificates on the controller.
config local-auth eap-profile cert-verify cn-verify {enable | disable} profile_name—If you chose
•
EAP-FAST with certificates or EAP-TLS, specifies whether the common name (CN) in the
incoming certificate is to be validated against the CA certificates' CN on the controller.
config local-auth eap-profile cert-verify date-valid {enable | disable} profile_name—If you
•
chose EAP-FAST with certificates or EAP-TLS, specifies whether the controller is to verify that the
incoming device certificate is still valid and has not expired.
Step 10
To enable local EAP and attach an EAP profile to a WLAN, enter this command:
config wlan local-auth enable profile_name wlan_id
Note
Step 11
To save your changes, enter this command:
save config
To view information pertaining to local EAP, enter these commands:
Step 12
show local-auth config—Shows the local EAP configuration on the controller.
•
Information similar to the following appears for the show local-auth config command:
User credentials database search order:
Timer:
Configured EAP profiles:
Cisco Wireless LAN Controller Configuration Guide
5-48
To disable local EAP for a WLAN, enter this command: config wlan local-auth disable
wlan_id.
Primary ..................................... Local DB
Active timeout .............................. 300
Name ........................................ fast-cert
Certificate issuer ........................ vendor
Peer verification options:
Check against CA certificates ........... Enabled
Verify certificate CN identity .......... Disabled
Check certificate date validity ......... Enabled
EAP-FAST configuration:
Local certificate required .............. Yes
Client certificate required ............. Yes
Enabled methods ........................... fast
Configured on WLANs ....................... 1
Name ........................................ tls
Certificate issuer ........................ vendor
Peer verification options:
Check against CA certificates ........... Enabled
Verify certificate CN identity .......... Disabled
Check certificate date validity ......... Enabled
EAP-FAST configuration:
Local certificate required .............. No
Client certificate required ............. No
Enabled methods ........................... tls
Configured on WLANs ....................... 2
Chapter 5
Configuring Security Solutions
OL-17037-01
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
