LEGRAND Server Technology PRO4X User Manual page 432

Option Description
PEAP Outer authentication is set to Protected Extensible Authentication
Protocol (PEAP).
TLS Outer authentication is set to TLS.
• • <inner_auth> is one of the options: MS‑CHAPv2 or TLS.
Option Description
MSCHAPv2 Inner authentication is set to Microsoft's Challenge Authentication
Protocol Version 2 (MS‑CHAPv2).
TLS Inner authentication is set to TLS.
• •
<identity> is your user name for the EAP authentication.
• • <option1> is one of the options: true or false.
Option Description
true Enables the verification of the TLS certificate chain.
false Disables the verification of the TLS certificate chain.
• •
<option2> is one of the options: true or false.
Option Description
true Always make the network connection successful even though the TLS
certificate chain contains any certificate which is outdated or not valid yet.
false The network connection is NOT successfully established when the TLS
certificate chain contains any certificate which is outdated or not valid yet.
• •
<option3> is one of the options: true or false.
Option Description
true Make the network connection successful when the PRO4X system time is
earlier than the firmware build before synchronizing with the NTP server,
causing the TLS certificate to become invalid.
false The network connection is NOT successfully established when the PRO4X
finds that the TLS certificate is not valid due to incorrect system time.
• •
<FQDN> is the name of the RADIUS server if it is present in the TLS certificate. The name must
match the fully qualified domain name (FQDN) of the host shown in the certificate.
EAP CA Certificate Example
This section provides a CA certificate example for the Ethernet interface "ETH1". Your CA certificate
contents should be different from the contents displayed in this example.
432