Table of Contents
Advertisement
Local
LDAP
NOTE When using LDAP, only PEAP-GTC and TTLS/PAP are supported.
3. Use the
TTLS/PEAP Configuration
EAP authentication type and a Server or CA certificate (if used).
EAP Type
An internal user database serves as the data source. Use the
Database
screen to enter the user data. For more information, see
Managing the Local User Database on page
If LDAP is selected, the switch will use the data in an LDAP server.
Configure the LDAP server settings on the LDAP screen under
RADIUS Server on the menu tree. For more information, see
Configuring LDAP Authentication on page
field to specify the Radius Server default EAP type,
Use the
EAP Type
checkboxes to enable the default EAP type(s) for
the RADIUS server. Options include:
• PEAP - Select the PEAP checkbox to enable both PEAP
types (GTC and MSCHAP-V2) available to the access
point. PEAP uses a TLS layer on top of EAP as a carrier
for other EAP modules. PEAP is an ideal choice for
networks using legacy EAP authentication methods.
• TTLS - Select the TTLS checkbox to enable all three
TTLS types (MD5, PAP and MSCHAP-V2) available to
the access point.TTLS is similar to EAP-TLS, but the
client authentication portion of the protocol is not
performed until after a secure transport tunnel is
established. This allows EAP-TTLS to protect legacy
authentication methods used by some RADIUS servers.
• TLS - The TLS checkbox is selected but disabled by
default and resides in the background as it does not
contain user configurable parameters.
Configuring Access Point Security
User
6-71.
6-67.
6-65
Advertisement
Table of Contents
