Specifications

Network User Configuration Scenarios

RoamAbout Mobility System Software Configuration Guide 17-67

Enabling PEAP-MS-CHAP-V2 Authentication

ThefollowingexampleillustrateshowtoenablelocalPEAP‐MS‐CHAP‐V2authenticationforall

802.1Xnetworkusers.Thisexampleincludeslocalusernames,passwords,andmembershipina

VLAN.Thisexampleincludesoneusernameandanoptionalattributeforsession‐timeoutin

seconds.

1. Tosetauthenticationforall802.1Xusersof

SSIDthiscorp,typethefollowingcommand:

RBT-8100# set authentication dot1x ssid thiscorp * peap-mschapv2 local

2. ToadduserNatashatothelocaldatabaseontheRoamAboutswitch,typethefollowing

command:

RBT-8100# set user Natasha password moon

3. ToassignNatashatoaVLANnamedred,typethefollowingcommand:

RBT-8100# set user Natasha attr vlan-name red

4. ToassignNatashaasessiontimeoutvalueof1200 seconds, typethefollowingcommand:

RBT-8100# set user Natasha attr session-timeout 1200

5. Savetheconfiguration:

RBT-8100 save config

success: configuration saved.

Enabling PEAP-MS-CHAP-V2 Offload

ThefollowingexampleillustrateshowtoenablePEAP‐MS‐CHAP‐V2offload.Inthisexample,all

EAPprocessingisoffloadedfromtheRADIUSserver,butMS‐CHAP‐V2authenticationand

authorizationaredoneviaaRADIUSserver.TheMS‐CHAP‐V2lookupmatchesusersagainstthe

userlistonaRADIUS

server.

1. ConfiguretheRADIUSserverr1atIPaddress10.1.1.1withthestringstarryforthekey.Type

thefollowingcommand:

RBT-8100# set radius server r1 address 10.1.1.1 key starry

2. Configuretheservergroupsg1withmemberr1.Typethefollowingcommand:

RBT-8100# set server group sg1 members r1

3. Enableall802.1XusersofSSIDthiscorpusingPEAP‐MS‐CHAP‐V2toauthenticateMS‐CHAP‐

V2onservergroupsg1.Typethefollowingcommand:

RBT-8100# set authentication dot1x ssid thiscorp * peap-mschapv2 sg1

4. Savetheconfiguration:

RBT-8100 save config

success: configuration saved.