User's Manual

ManualsBrandsAvaya ManualsIP phonesSIP Software 3.1 for 1100 Series

271

272

273

274

275

276

277

278

279

280

EAP Disabled

EAP disabled is the factory default setting. The IP Deskphone does not send a message to

the authenticator upon startup, and normal network access is attempted.

If the IP Deskphone receives a Request-Identity message from the Layer 2 switch, the

Request-Identity is ignored.

If the Layer 2 switch requires 802.1x authentication, the IP Deskphone is blocked from the

network, and the administrator must enable the EAP feature on the IP Deskphone and

configure a DeviceID and Password (if required) to access the network after the IP Deskphone

is successfully authenticated. Or, the administrator can plug the IP Deskphone to an EAP

disabled port on the Layer 2 switch.

EAP-MD5

EAP-MD5 allows the IP Deskphone to authenticate to the RADIUS server before the IP

Deskphone can access the network. This procedure requires a user ID and password. If the

IP Deskphone fails to authenticate to the RADIUS server, the IP Deskphone displays a EAP

Authenticate-Fail message, and the IP Deskphone cannot access the network.

EAP-TLS

EAP-TLS allows the IP Deskphone to authenticate to the RADIUS server before the IP

Deskphone can access the network. This procedure requires a user ID, root certificate, and

device certificate. The root and device certificates must be installed on the IP Deskphone

before using this feature. The customer root certificate can be installed using SIP configuration

file. For more information, see

Trusted Root certificate on page 252 .

The device certificate can be installed using the PKCS 12 download method. For more

information, see

Installing a device certificate using PKCS12 on page 255

If the IP Deskphone fails to authenticate to the RADIUS server or to install the required

certificates, the IP Deskphone displays a EAP Authenticate-Fail message, and the IP

Deskphone cannot access the network.

EAP-PEAP

EAP-PEAP allows the IP Deskphone to authenticate to the RADIUS server before the IP

Deskphone can access the network. This procedure requires a user ID1, root certificate, user

ID2, and password. EAP-PEAP is the outer authentication protocol that requires a user ID1

and root certificate to establish a TLS channel. EAP-MD5 is the inner authentication protocol

that requires a user ID2 and password to pass through this channel in a secure mode. The

customer root certificate can be installed using SIP configuration file.

Certificate-based authentication

274 SIP Software for Avaya 1100 Series IP Deskphones-Administration November 2012

Comments? infodev@avaya.com