Motorola AP-51XX User Manual

Configuring Access Point Security

6-65

2.

From within the

Data Source Configuration

field, use the

Data Source

drop-down menu

to select the data source for the Radius server.

3.

Use the

TTLS/PEAP Configuration

field to specify the Radius Server default EAP type,

EAP authentication type and a Server or CA certificate (if used).

Local

An internal user database serves as the data source. Use the

User

Database

screen to enter the user data. For more information, see

Managing the Local User Database on page 6-72

.

LDAP

If LDAP is selected, the switch will use the data in an LDAP server.
Configure the LDAP server settings on the LDAP screen under
Radius Server on the menu tree. For more information, see

Configuring LDAP Authentication on page 6-67

.

NOTE

When using LDAP, only PEAP-GTC and TTLS/PAP are supported.

EAP Type

Use the

EAP Type

checkboxes to enable the default EAP type(s) for

the Radius server. Options include:

•

PEAP - Select the PEAP checkbox to enable both PEAP types

(GTC and MSCHAP-V2) available to the access point. PEAP
uses a TLS layer on top of EAP as a carrier for other EAP
modules. PEAP is an ideal choice for networks using legacy
EAP authentication methods.

•

TTLS - Select the TTLS checkbox to enable all three TTLS
types (MD5, PAP and MSCHAP-V2) available to the access
point.TTLS is similar to EAP-TLS, but the client
authentication portion of the protocol is not performed until
after a secure transport tunnel is established. This allows
EAP-TTLS to protect legacy authentication methods used by
some RADIUS servers.

•

TLS - The TLS checkbox is selected but disabled by default
and resides in the background as it does not contain user
configurable parameters.