19-3
19.1.1 authentication
RADIUS Configuration Commands
Use this command to configure an authentication scheme used with RADIUS server.
Syntax
authentication(data-source|eap-auth-type)
authentication data-source(ldap|local)
authentication eap-auth-type(all|peap-gtc|peap-mschapv2|tls|ttls-md5|
ttls-mschapv2|ttls-pap)
Parameters
Usage Guidelines
Set eap-auth-type to all to service any RADIUS request received from a mobile unit. Setting eap-auth-
type
to peap-gtc/ peap-mschapv2 ensures peap-gtc/peap-mschapv2 service only.
Similarly, set
eap-auth-type to ttls-md5/ttls-mschapv2/ttls-pap to service all ttls based
authentication RADIUS requests from the mobile unit.
Setting
eap-auth-type to tls ensures only tls authentications are serviced.
Example
RFS7000(config-radsrv)#authentication eap-auth-type peap-mschapv2
RFS7000(config-radsrv)#
RFS7000(config-radsrv)#authentication data-source ldap
RFS7000(config-radsrv)#
data-source RADIUS data source for user authentication.
• ldap – Remote LDAP server.
• local – Local user database.
eap-auth-type RADIUS EAP and default authentication type configuration.
• all – Enables both ttls and peap.
• peap-gtc – Eap type peap with default auth type gtc.
• peap-mschapv2 – Eap type peap with default auth type mschapv2.
• tls – Eap type tls.
• ttls-md5 – EAP type ttls with default auth type md5.
• ttls-mschapv2 – EAP type ttls with default auth type mschapv2.
• ttls-pap – EAP type ttls with default auth type pap.
To Next Page
Loading...
