Set authentication dot1x – 3Com Wireless LAN WX1200 User Manual

Page 233

set authentication dot1x

233

set authentication
dot1x

Configures authentication and defines how and where it is performed for
specified wireless or wired authentication clients who use an IEEE 802.1X
authentication protocol to access the network through the WX switch.

Syntax —

set authentication dot1x {ssid ssid-name | wired}

user-glob [bonded] protocol method1 [method2] [method3]
[method4]

ssid

ssid-name

— SSID name to which this authentication rule

applies. To apply the rule to all SSIDs, type any.

wired

— Applies this authentication rule specifically to users

connected to a wired authentication port.

user-glob

— A single user or a set of users with 802.1X network

access.

Specify a username, use the double-asterisk wildcard character (**) to
specify all usernames, or use the single-asterisk wildcard character (*)
to specify a set of usernames up to or following the first delimiter
character — either an at sign (@) or a period (.). (For details, see “User
Globs” on page 26.)

bonded

— Enables Bonded Auth™ (bonded authentication). When

this feature is enabled, MSS authenticates the user only if the machine
the user is on has already been authenticated.

protocol

— Protocol used for authentication. Specify one of the

following:

eap-md5

— Extensible Authentication Protocol (EAP) with

message-digest algorithm 5. For wired authentication clients:

Uses challenge-response to compare hashes

Provides no encryption or integrity checking for the connection

eap-tls

— EAP with Transport Layer Security (TLS):

Provides mutual authentication, integrity-protected negotiation,
and key exchange

Requires X.509 public key certificates on both sides of the
connection