3Com 3CRWX120695A Command Reference Manual page 194

194 C 7: AAA C
HAPTER OMMANDS
— Protocol used for authentication. Specify one of the
protocol
following:
eap-md5
message-digest algorithm 5. For wired authentication clients:
Uses challenge-response to compare hashes
Provides no encryption or integrity checking for the connection
eap-tls
Provides mutual authentication, integrity-protected negotiation,
and key exchange
Requires X.509 public key certificates on both sides of the
connection
Provides encryption and integrity checking for the connection
Cannot be used with RADIUS server authentication
peap-mschapv2
Handshake Authentication Protocol version 2 (MS-CHAP-V2). For
wireless clients:
Uses TLS for encryption and data integrity checking and server-side
authentication
Provides MS-CHAP-V2 mutual authentication
Only the server side of the connection needs a certificate.
The wireless client authenticates using TLS to set up an encrypted
session. Then MS-CHAP-V2 performs mutual authentication using
the specified AAA method.
pass-through
RADIUS server.
EAP-MD5 does not work with Microsoft wired authentication
clients.
method1, method2, method3, method4
methods that MSS uses to handle authentication. Specify one or more
of the following methods in priority order. MSS applies multiple
methods in the order you enter them.
A method can be one of the following:
— Extensible Authentication Protocol (EAP) with
— EAP with Transport Layer Security (TLS):
— Protected EAP (PEAP) with Microsoft Challenge
— MSS sends all the EAP protocol processing to a
— At least one and up to four