Table of Contents
Advertisement
Configuring 802.1X EAP-TLS authentication
EAP-TLS authentication uses certificates for authentication. A third-party Certificate Authentication
application is required to configure EAP-TLS authentication. Certificates can be overwritten with new
ones at any time.
With EAP-TLS authentication, the Summit WM Controller can operate in either proxy mode or pass
through mode.
NOTE
When an Altitude AP configured with 802.1X EAP-TLS authentication is connected to a Summit WM Controller, the
Altitude AP begins submitting logs to the Summit WM Controller 30 days before the certificate expires to provide
administrators with a warning of the impending expiry date.
Proxy mode
In proxy mode, Summit WM Controller generates the public and private key pair used in the certificate.
You can specify the criteria used to create the Certificate Request. The Certificate Request that is
generated by the Summit WM Controller is then used by the third-party Certificate Authentication
application to create the certificate used for authentication of the Altitude AP. To successfully configure
802.1X authentication of an Altitude AP, the Altitude AP must first be configured for 802.1X
authentication before the Altitude AP is deployed on a 802.1X enabled switch port.
To configure 802.1X EAP-TLS authentication in proxy mode:
1 From the main menu, click Altitude AP Configuration. The Altitude APs page is displayed.
2 In the Altitude AP list, click the Altitude AP for which you want to configure 802.1X EAP-TLS
authentication.
3 Click the 802.1X tab.
4 Click Generate certificate request. The Generate Certificate Request window is displayed.
5 Type the criteria to be used to create the certificate request. All fields are required:
Country name - The two-letter ISO abbreviation of the name of the country
State or Province name - The name of the State/Province
Summit WM User Guide, Software Version 5.3
119
Advertisement
Table of Contents
