Motorola WS2000 System Reference Manual page 139
Wireless switch
Hide thumbs
Also See for WS2000:
- System reference manual (680 pages) ,
- Cli reference manual (452 pages) ,
- Configuration manual (19 pages)
Table of Contents
Advertisement
hardware token card to provide the response string.
• Microsoft CHAP (MSCHAP-V2) is an encrypted authentication method based on Microsoft's
challenge/response authentication protocol.
4. If TTLS is selected, specify a
are
MD5, PAP and
MSCHAP-V2.
• Message Digest 5 (MD5) is a secure hash function which converts a long data stream into a fixed
size digest. It uses a 128-bit hash value to do the conversion.
• Password Authentication Protocol (PAP) is a protocol where the user sends an identifier and
password pair to the server. This information is sent un-encrypted. It is used in case a remote server
does not support stronger authentication protocols such as EAP or CHAP.
• Microsoft CHAP (MSCHAP-V2) is an encrypted authentication method based on Microsoft's
challenge/response authentication protocol.
5. If you have a server certificate from a CA and wish to use it on the RADIUS server, select it from this pull-
down menu. Only certificates imported to the switch will be available in the menu. To create a server
certificate, select the
Self Certificates
Creating Self
Certificates).
6. You can also choose an imported CA Certificate to use on the RADIUS server. If using a server certificate
signed by a CA, you will need to import that CA's root certificate using the CA certificates screen from
the Certificate Mgmt menu. After a valid CA root certificate has been imported, it will be available from
the
CA Certificate
pull-down menu.
7. DH Param File is required to support Cipher Suite v 0x13 (TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA)
for EAP-TLS/TTLS. If this file does not exist on a WS2000, it is automatically created when the device is
booted up. Use
Create DH Param File
8. Use the
RADIUS Client Authentication
host that is trying to authenticate against the RADIUS server. Use the
list.
Subnet/Host
This field contains the IP address of the subnet or host that will be authenticating with the
RADIUS server.
Netmask
This field contains the netmask (subnet mask) of the subnet or host that will be
authenticating with the RADIUS server.
Shared Secret
Set a shared secret to be used for each host or subnet that will be authenticating against
the RADIUS server. The shared secret can be up to 7 characters in length.
9. Click
Apply
to save your changes.
Default Auth Type
for TTLS to use from the pull-down menu. The options
screen from Certificate Mgmt in the navigation menu (see
to create the file as and when required.
table to set up multiple shared secrets based on the subnet or
Administrator and User Access
Add
button to add entries to the
6-7
Hide quick links:
Advertisement
Table of Contents
