HP-UX AAA Server A.08.02 Administrator's Guide
13 Securing LAN Access With EAP
IMPORTANT: The EAP-LEAP authentication method is obsolete in A.08.00 release of the HP-UX
AAA Server. The EAP-LEAP authentication method is replaced by the EAP-PEAP authentication
method. HP recommends that you use EAP-PEAP in place of EAP-LEAP for improved security. Unlike
EAP-LEAP, EAP-PEAP supports mutual authentication and uses an encrypted tunnel to transmit the
user's credentials.
This chapter provides information about securing LANs with EAP using the HP-UX AAA Server.
Refer to the Secure LAN Advisor in the Server Manager interface for step-by-step instructions.
Overview
The HP-UX AAA Server provides security framework to support EAP authentication mechanisms for
LAN users. The HP-UX AAA Server allows authentication of wireless users with password or
non-password based mechanisms and supports dynamic key generation for data encryption between
the access point and wireless stations.
The Secure LAN Advisor
The Secure LAN Advisor is an HTML tutorial/help system in the Server Manager GUI that walks
you through the tasks and Server Manager screens for securing WLANs with the HP-UX AAA
Server. The Secure LAN Advisor provides information only—it does not edit configuration files.
Follow the Secure LAN Advisor and use Server Manager to create and deploy basic AAA
configurations for securing WLANs.
For information on EAP-SIM and EAP-AKA, see Chapter 17 (page 160)
The following graphic shows the Secure LAN Advisor used to quickly secure WLANs with the
HP-UX AAA Server:
Figure 39 The Secure LAN Advisor For Securing WLANs
112 Securing LAN Access With EAP