ENWW
TCP/IP Configuration 84
server-auth
This command requires that you specify a dynamic
encryption option (
dynamic-encrypt
command) and EAP
802.1x authentication (
wpa-auth-type
command). Use
this command to specify server-based authentication
methods used on your network. For a brief description of
supported authentication protocols, see
Chapter 1
.
None
: (default) Server-based network authentication is not
used.
EAP_MD5
: An authentication method that uses 802.1x EAP
and MD5 (Message-Digest Algorithm 5, RFC 1321). It
requires that a user name and password be configured on
the device. Use the
svr-auth-user
and
svr-auth-pass
commands to specify a user name and
password, respectively.
EAP_TLS
: An authentication method that uses 802.1x
EAP-TLS (Extensible Authentication Protocol - Transport
Layer Security, RFC 2716). It requires a user name and an
installed X.509-compliant digital certificate for device
validation. In addition, a CA (Certificate Authority) certificate
used to validate the authentication server must be installed.
Use the
svr-auth-user
command to specify a user name.
To install certificates, use the embedded Web server. See
Chapter 4
.
LEAP
: An authentication method that uses LEAP
(Lightweight Extensible Authentication Protocol). LEAP is a
Cisco Systems, Inc. proprietary protocol. LEAP requires a
user name and password. Use the
svr-auth-user
and
svr-auth-pass
commands to specify a user name and
password, respectively.
PEAP
: An authentication method that uses PEAP
(Protected Extensible Authentication Protocol). PEAP
requires a user name and password for client validation. In
addition, a CA (Certificate Authority) certificate used to
validate the authentication server must be installed. Use the
svr-auth-user
and
svr-auth-pass
commands to
specify a user name and password, respectively. To install
certificates, use the embedded Web server. See
Chapter 4
.
EAP_TTLS
: An authentication method that uses TTLS
(Tunneled Transport Layer Security). EAP-TTLS is an
EAP-TLS extension that also uses X.509-compliant digital
certificates. TTLS requires a user name and password for
client validation. In addition, a CA (Certificate Authority)
certificate used to validate the authentication server must be
installed. Use the
svr-auth-user
and
svr-auth-pass
commands to specify a user name and password,
respectively. To install certificates, use the embedded Web
server. See
Chapter 4
.
svr-auth-user
Specify a user name for server-based authentication. Up to
128 alphanumeric characters may be used.
Table 3.4
Telnet Commands and Parameters (4 of 18)