RADIUS Server Instance 19-3
19.1.1 authentication
RADIUS Configuration Commands
Use this command to configure an authentication scheme used with the RADIUS server.
Syntax
authentication [data-source|eap-auth-type]
authentication data-source [ldap|local]
authentication eap-auth-type [all|peap-gtc|peap-mschapv2|tls|ttls-md5|
ttls-mschapv2|ttls-pap]
Parameters
Usage Guidelines
Set
eap-auth-type
to
all
to service any RADIUS request received from a mobile unit. Setting
eap-auth-type
to
peap-gtc/ peap-mschapv2
ensures
peap-gtc/peap-mschapv2
service only.
Similarly, set
eap-auth-type
to
ttls-md5/ttls-mschapv2/ttls-pap
to service all TTLS based authentication
RADIUS requests from the mobile unit.
Setting
eap-auth-type
to
tls
ensures only tls authentications are serviced.
Example
RFS7000(config-radsrv)#authentication eap-auth-type peap-mschapv2
RFS7000(config-radsrv)#
RFS7000(config-radsrv)#authentication data-source ldap
RFS7000(config-radsrv)#
data-source [ldap|local] Configures one of the following RADIUS data sources for user authentication:
• ldap – The remote Lightweight Directory Access Protocol (LDAP) server’s
database.
• local – The wireless controller’s local user database.
eap-auth-type
[all|peap-gtc|
peap-mschapv2|tls|
ttls-md5|ttls-mschapv2|
ttls-pap]
Configures RADIUS Extensible Authentication Protocol (EAP) and default
authentication type used with this RADIUS policy.
• all – Enables both TTLS and PEAP settings.
• peap-gtc – Configures EAP type PEAP with default auth type GTC.
• peap-mschapv2 – Configures EAP type PEAP with default auth type
MSCHAPV2.
• tls – Uses TLS as the EAP type..
• ttls-md5 – Configures EAP type TTLS with default auth type MD5.
• ttls-mschapv2 – Configures EAP type TTLS with default auth type
MSCHAPV2.
• ttls-pap – Configures EAP type TTLS with default auth type PAP.
Comments to this Manuals