EasyManuals Logo

Cisco 2100 Series Configuration Guide

Cisco 2100 Series
796 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #231 background imageLoading...
Page #231 background image
5-43
Cisco Wireless LAN Controller Configuration Guide
OL-17037-01
Chapter 5 Configuring Security Solutions
Configuring Local EAP
Note If you check the PEAP check box, both PEAPv0/MSCHAPv2 or PEAPv1/GTC are enabled
on the controller.
f. If you chose EAP-FAST and want the device certificate on the controller to be used for
authentication, check the Local Certificate Required check box. If you want to use EAP-FAST
with PACs instead of certificates, leave this check box unchecked, which is the default setting.
Note This option applies only to EAP-FAST because device certificates are not used with LEAP
and are mandatory for EAP-TLS and PEAP.
g. If you chose EAP-FAST and want the wireless clients to send their device certificates to the
controller in order to authenticate, check the Client Certificate Required check box. If you want
to use EAP-FAST with PACs instead of certificates, leave this check box unchecked, which is the
default setting.
Note This option applies only to EAP-FAST because client certificates are not used with LEAP
or PEAP and are mandatory for EAP-TLS.
h. If you chose EAP-FAST with certificates, EAP-TLS, or PEAP, choose which certificates will be sent
to the client, the ones from Cisco or the ones from another Vendor, from the Certificate Issuer
drop-down box. The default setting is Cisco.
i. If you chose EAP-FAST with certificates or EAP-TLS and want the incoming certificate from the
client to be validated against the CA certificates on the controller, check the Check Against CA
Certificates check box. The default setting is enabled.
j. If you chose EAP-FAST with certificates or EAP-TLS and want the common name (CN) in the
incoming certificate to be validated against the CA certificates’ CN on the controller, check the
Verify Certificate CN Identity check box. The default setting is disabled.
k. If you chose EAP-FAST with certificates or EAP-TLS and want the controller to verify that the
incoming device certificate is still valid and has not expired, check the Check Certificate Date
Vali d ity check box. The default setting is enabled.
l. Click Apply to commit your changes.
Step 7 If you created an EAP-FAST profile, follow these steps to configure the EAP-FAST parameters:
a. Click Security > Local EAP > EAP-FAST Parameters to open the EAP-FAST Method Parameters
page (see Figure 5-26).

Table of Contents

Other manuals for Cisco 2100 Series

Preview: Quick Start Guide
Quick Start Guide12 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 2100 Series and is the answer not in the manual?

Cisco 2100 Series Specifications

General IconGeneral
Power over Ethernet (PoE)No
Form FactorDesktop
EncryptionAES, TKIP
Maximum Access Points6
SecurityWPA, WPA2, 802.1X
Dimensions1.75 x 8.0 x 8.5 in. (4.4 x 20.3 x 21.6 cm)

Related product manuals