D-Link DWS-1008 User Manual page 322
Wireless 8 port switch with poe
Hide thumbs
Also See for DWS-1008:
- Cli reference manual (531 pages) ,
- Product manual (502 pages) ,
- Installation manual (17 pages)
Table of Contents
Advertisement
DWS-1008 User's Manual
all EAP processing is offloaded from the RADIUS server, but MS-CHAP-V2 authentication
and authorization are done via a RADIUS server. The MS-CHAP-V2 lookup matches users
against the user list on a RADIUS server. Because the switch requires a certificate for
authentication, a self-signed certificate is shown in this example.
1. Configure the RADIUS server r1 at IP address 10.1.1.1 with the string starry for the
key. Type the following command:
DWS-1008# set radius server r1 address 10.1.1.1 key starry
2. Configure the server group sg1 with member r1. Type the following command:
DWS-1008# set server group sg1 members r1
3. Enable all 802.1X users of SSID thiscorp using PEAP-MS-CHAP-V2 to authenticate
MS-CHAP-V2 on server group sg1. Type the following command:
DWS-1008# set authentication dot1x ssid thiscorp * peap-mschapv2 sg1
4. To generate a public-private key pair and a self-signed EAP certificate, type the
following commands:
DWS-1008# crypto generate key eap 1024
key pair generated
DWS-1008# crypto generate self-signed eap
Country Name: US
State Name: CA
Locality Name: Campus1
Organizational Name: Example
Organizational Unit: IT
Common Name: SW6
Email Address: admin@example.com
Unstructured Name: wiring closet 55
5. Save the configuration:
DWS-1008 save config
success: configuration saved.
Combining EAP Offload with Pass-Through Authentication
The following example illustrates how to enable PEAP-MS-CHAP-V2 offload for the marketing
D-Link Systems, Inc.
Configuring AAA for Network Users
317
Advertisement
Table of Contents
