Reference Guide (Supporting software release 5.5.0.0 and later) Owner manual
336 Brocade Mobility RFS Controller CLI Reference Guide
53-1003098-01
4
• Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade
Mobility 1240 Access Point
• Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade
Mobility RFS7000
• Service Platforms — Brocade Mobility RFS9510
Syntax:
eap-types [allow|deny] [aka|all|fast|peap|sim|tls|ttls]
{(aka|all|fast|peap|sim|tls|ttls)}
Parameters
eap-types [allow|deny] [aka|all|fast|peap|sim|tls|ttls]
{(aka|all|fast|peap|sim|tls|ttls)}
Example
rfs7000-37FABE(config-wlan-test)#eap-types allow fast sim tls
rfs7000-37FABE(config-wlan-test)#show context
wlan test
ssid test
bridging-mode tunnel
encryption-type none
authentication-type none
eap-types allow fast sim tls
rfs7000-37FABE(config-wlan-test)#
encryption-type
wlan-mode commands
Sets a WLAN’s encryption type
eap-types [allow|deny] Configures a list of allowed or denied EAP types
• allow – Configures a list of EAP types allowed for WLAN client authentication
• deny – Configures a list of EAP types not allowed for WLAN client authentication
[aka|all|fast|peap|sim|
tls|ttls]
The following EAP types are common to the ‘allow’ and ‘deny’ keywords:
• aka – Configures EAP Authentication and Key Agreement (AKA) and EAP-AKA’ (AKA Prime). EAP-AKA is
one of the methods in the EAP authentication framework. It uses Universal Mobile
Telecommunications System (UMTS) and Universal Subscriber Identity Module (USIM) for client
authentication and key distribution.
• all – Allows or denies usage of all EAP types on the WLAN
• fast – Configures EAP Flexible Authentication via Secure Tunneling (FAST). EAP-FAST establishes a
Transport Layer Security (TLS) tunnel, to verify client credentials, using Protected Access Credentials
(PAC).
• peap – Configures Protected Extensible Authentication Protocol (PEAP). PEAP or Protected EAP uses
encrypted and authenticated TLS tunnel to encapsulate EAP.
• sim – Configures EAP Subscriber Identity Module (SIM). EAP-SIM uses Global System for Mobile
Communications (GSMC) SIM for client authentication and key distribution.
• tls – Configures EAP Transport Layer Security (TLS). EAP-TLS is an EAP authentication method that
uses PKI to communicate with a RADIUS server or any other authentication server.
• ttls – Configures Tunneled Transport Layer Security (TTLS). EAP-TTLS is an extension of TLS. Unlike
TLS, TTLS does not require every client to generate and install a CA- signed certificate.
NOTE: These options are recursive, and more than one EAP type can be selected. The selected options are
added to the allowed or denied EAP types list.