LEGRAND Server Technology PRO3X User Manual page 59

Setting Ethernet EAP Parameters
When the selected Ethernet interface's authentication method is set to EAP, you must configure EAP authentication
parameters, including outer authentication, inner authentication, EAP identity, client certificate, client private key, password,
CA certificate, and RADIUS authentication server.
Determine the outer authentication protocol:
network ethernet <ETH> eapOuterAuthentication <outer_auth>
Determine the inner authentication protocol for authentication set to "EAP + PEAP":
network ethernet <ETH> eapInnerAuthentication <inner_auth>
Set the EAP identity:
config:# network ethernet <ETH> eapIdentity <identity>
Set the EAP password:
config:# network ethernet <ETH> eapPassword
After performing the above command, the PRO3X prompts you to enter the password. Then type the password and press
Enter.
Provide a client certificate for authentication set to "EAP + TLS" or "EAP + PEAP + TLS":
config:# network ethernet <ETH> eapClientCertificate
After performing any certificate or private key commands, including commands for the client certificate, client private key,
and CA certificate, the system prompts you to enter the contents of the wanted certificate or key.
Provide a client private key for authentication set to "EAP + TLS" or "EAP + PEAP + TLS":
config:# network ethernet <ETH> eapClientPrivateKey
Provide a CA TLS certificate for EAP:
config:# network ethernet <ETH> eapCACertificate
Enable or disable verification of the TLS certificate chain:
network ethernet <ETH> enableCertVerification <option1>
Allow expired and not yet valid TLS certificates:
network ethernet <ETH> allowOffTimeRangeCerts <option2>
Allow network connection with incorrect system time:
PRO3X User Guide – Command Line Interface (CLI)
59 of 182
Using the PRO3X Command Line Interface (CLI)