Siemens SCALANCE W1750D UI Configuration Manual page 225

5. To terminate the EAP portion of 802.1X authentication on the AP instead of the RADIUS
server, set Termination to Enabled.
By default, for 802.1X authentication, the client conducts an EAP exchange with the
RADIUS server, and the AP acts as a relay for this exchange. When Termination is
enabled, the AP by itself acts as an authentication server and terminates the outer layers
of the EAP protocol, only relaying the innermost layer to the external RADIUS server
6. Specify the type of authentication server to use and configure other required parameters.
You can also configure two different authentication servers to function as primary and
backup servers when Termination is enabled. For more information on RADIUS
authentication configuration parameters, see Configuring an External Server for
Authentication (Page 209).
7. Click Next to define access rules, and then click Finish to apply the changes.
In the CLI
To configure 802.1X authentication for a wireless network:
(scalance)(config)# wlan ssid-profile <name>
(scalance)(SSID Profile <name>)# type {<Employee>|<Voice>}
(scalance)(SSID Profile <name>)# opmode {wpa2-aes|wpa-tkip|wpa-tkip,wpa2-aes|dynamic-
wep}
(scalance)(SSID Profile <name>)# leap-use-session-key
(scalance)(SSID Profile <name>)# termination
(scalance)(SSID Profile <name>)# auth-server <server1>
(scalance)(SSID Profile <name>)# auth-server <server2>
(scalance)(SSID Profile <name>)# radius-reauth-interval <minutes>
(scalance)(SSID Profile <name>)# auth-survivability
(scalance)(SSID Profile <name>)# exit
(scalance)(config)# auth-survivability cache-time-out <hours>
(scalance)(config)# end
(scalance)# commit apply
SCALANCE W1750D UI
Configuration Manual, 02/2018 , C79000-G8976-C451-02
Authentication and User Management
14.7 Configuring 802.1X Authentication for a Network Profile
225