Specifications
802.1x Configuration
Chapter 10
PEAP
(Protected EAP) is an authentication protocol that uses TLS to enhance the
security of other EAP authentication methods. PEAP for Microsoft 802.1X
Authentication Client provides support for EAP-TLS, which uses certificates for
both server authentication and client authentication, and Microsoft Challenge
Handshake Authentication Protocol version 2 (EAP-MS-CHAP v2), which uses
certificates for server authentication and password-based credentials for client
authentication.
RADIUS
(Remote Authentication Dial-In User Service) is a distributed client/server system
that secures networks against unauthorized access. Alcatel-6000 can be configured
as a RADIUS Client and send authentication requests to the configured
RADIUS servers, which contain all user authentication and network service
access information.
Supplicant
An entity at one end of a point-to-point LAN segment that is being authenticated
by an authenticator attached to the other end of that link. Example: a Win-XP/2K
wireless station is a supplicant.
TLS
(Transport Layer Security) provides privacy and data integrity between two
communicating applications.
Configuring the Switch for 802.1x
Creating an Authentication Server Instance
This section of the chapter will guide you through the process of specifying an
authentication server for use with your OmniAccess 6000 switch. The
commands used for configuring the switch are explained in Chapter 30.
The authentication server for 802.1x authentication is a RADIUS server that is
configured to support the EAP infrastructure. In this example we will configure a
Microsoft IAS server as the authentication server. The name of the server
instance is IAS-RADIUS, the IP address is 10.1.1.214, and the shared secret
between the Alcatel-6000 and the IAS server is a12u13a. The default
authentication port is 1812 and the default accounting port is 1813. Retransmit
determines the number of times the RADIUS packet will be sent to the server
before that request is dropped; the default value is 3. The
timeout is the time period between retries; the default value is 5
seconds.
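How a RADIUS client uses the settings above, as an added Python example that is not taken from this guide or from the switch software: it builds an EAP-carrying Access-Request protected with the shared secret (Message-Authenticator, RFC 3579), checks the reply's Response Authenticator (RFC 2865), and applies the retransmit and timeout defaults. The NAS address, the user name and all function names are constructed for illustration.

```python
import hashlib, hmac, os, socket, struct

# Server values come from the text above; NAS_IP is a constructed switch address.
SERVER, AUTH_PORT, SECRET = "10.1.1.214", 1812, b"a12u13a"
RETRANSMIT, TIMEOUT = 3, 5   # defaults stated in the text (sends, seconds)
NAS_IP = "10.1.1.1"

def attr(code, value):
    return struct.pack("!BB", code, len(value) + 2) + value   # type, length, value

def build_access_request(ident, user, request_auth=None, secret=SECRET):
    """Access-Request wrapping an EAP-Response/Identity (RFC 3579)."""
    request_auth = request_auth or os.urandom(16)
    # EAP header: code 2 (Response), id, length, type 1 (Identity).
    # Reusing the RADIUS identifier as the EAP id is a simplification.
    eap = struct.pack("!BBHB", 2, ident, 5 + len(user), 1) + user
    attrs = (attr(1, user) + attr(4, socket.inet_aton(NAS_IP)) + attr(79, eap)
             + attr(80, bytes(16)))    # Message-Authenticator, zeroed while hashing
    header = struct.pack("!BBH", 1, ident, 20 + len(attrs)) + request_auth
    mac = hmac.new(secret, header + attrs, hashlib.md5).digest()
    return header + attrs[:-16] + mac  # HMAC-MD5 keyed with the shared secret

def response_ok(resp, request_auth, secret=SECRET):
    """Check the Response Authenticator (RFC 2865) against the shared secret."""
    if len(resp) < 20 or struct.unpack("!H", resp[2:4])[0] != len(resp):
        return False
    want = hashlib.md5(resp[:4] + request_auth + resp[20:] + secret).digest()
    return hmac.compare_digest(want, resp[4:20])

def send_with_retry(packet, server=(SERVER, AUTH_PORT)):
    """Send the request up to RETRANSMIT times, waiting TIMEOUT seconds each time."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(TIMEOUT)
        for _ in range(RETRANSMIT):
            sock.sendto(packet, server)
            try:
                reply = sock.recvfrom(4096)[0]
            except socket.timeout:
                continue               # no answer within TIMEOUT: retransmit
            if reply[1:2] == packet[1:2] and response_ok(reply, packet[4:20]):
                return reply           # authentic reply to this request
    return None                        # all attempts used: the request is dropped
```

In this example a reply that fails `response_ok` is ignored rather than trusted, so a shared secret that differs between the switch and the IAS server appears on the client as a request that timed out.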