beautypg.com

Table 18, Eap-ttls/mschapv2 configuration – B&B Electronics WLNN-AN(ER,SE,SP.EK)-DP551 - Manual User Manual

Page 62

background image

62

Airborne Enterprise CLI Reference Manual

Command

Description

ca-cert-filename [CA root cert
name].pem

Identifies the CA root certificate name to be
used. Replace [CA root cert name].pem
with the required filename (no parenthesis).

The certificate must be saved to the module
with the name identified by this command.

eap-phase1 peaplabel=0

Identifies the outer authentication type to be
used. In this case PEAPv0.

eap-phase2 auth=MSCHAPV2

Identifies the inner authentication type to be

used. In this case MSCHAPv2

The module does support PEAPv0 without certificates. Set up for this configuration
requires the ca-cert-filename to be blank.

This security configuration compromises the strength of the PEAPv0 authentication
and is not recommended for implementation.

Table 18 - EAP-TTLS/MSCHAPV2 Configuration

Command

Description

wl-security ttls

Sets the EAP authentication process to be used.

eap-ident [client username from
RADIUS server]

Sets the username/EAP Identity for the client.
There must be a valid username on the
RADIUS server that matches this name.
Replace the [client username from
RADIUS server]

with the user name (no

parenthesis).

eap-password [Password for client
username]

Sets the password for the client. This must be

the password on the RADIUS server that
matches the username. Replace the
[Password for client username]

with

the password for the account (no parenthesis).

ca-cert-filename [CA root cert
name].pem

Identifies the CA root certificate name to be
used. Replace [CA root cert name].pem
with the required filename (no parenthesis).

The certificate must be saved to the module
with the name identified by this command.

eap-anon-ident [email protected]

The unencrypted anonymous identity string

used by EAP-TTLS.

eap-phase2 auth=MSCHAPV2

Identifies the inner authentication type to be

used. In this case MSCHAPv2

If you are using the Personal Information Exchange format for your certificates
please follow the configurations in Table 19.

The .PFX and .P12 private key formats commonly store multiple objects,
including the private keys and user certificates required for authentication to a
network. Using this format removes the need to identify all the individual
certificates for authentication using TLS.

See also other documents in the category B&B Electronics Accessories communication: