beautypg.com

Encryption-type – Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 352

background image

336

Brocade Mobility RFS Controller CLI Reference Guide

53-1003098-01

4

Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade
Mobility 1240 Access Point

Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade
Mobility RFS7000

Service Platforms — Brocade Mobility RFS9510

Syntax:

eap-types [allow|deny] [aka|all|fast|peap|sim|tls|ttls]

{(aka|all|fast|peap|sim|tls|ttls)}

Parameters

eap-types [allow|deny] [aka|all|fast|peap|sim|tls|ttls]

{(aka|all|fast|peap|sim|tls|ttls)}

Example

rfs7000-37FABE(config-wlan-test)#eap-types allow fast sim tls

rfs7000-37FABE(config-wlan-test)#show context

wlan test

ssid test

bridging-mode tunnel

encryption-type none

authentication-type none

eap-types allow fast sim tls

rfs7000-37FABE(config-wlan-test)#

encryption-type

wlan-mode commands

Sets a WLAN’s encryption type

eap-types [allow|deny]

Configures a list of allowed or denied EAP types

allow – Configures a list of EAP types allowed for WLAN client authentication

deny – Configures a list of EAP types not allowed for WLAN client authentication

[aka|all|fast|peap|sim|
tls|ttls]

The following EAP types are common to the ‘allow’ and ‘deny’ keywords:

aka – Configures EAP Authentication and Key Agreement (AKA) and EAP-AKA’ (AKA Prime). EAP-AKA is
one of the methods in the EAP authentication framework. It uses Universal Mobile
Telecommunications System (UMTS) and Universal Subscriber Identity Module (USIM) for client
authentication and key distribution.

all – Allows or denies usage of all EAP types on the WLAN

fast – Configures EAP Flexible Authentication via Secure Tunneling (FAST). EAP-FAST establishes a
Transport Layer Security (TLS) tunnel, to verify client credentials, using Protected Access Credentials
(PAC).

peap – Configures Protected Extensible Authentication Protocol (PEAP). PEAP or Protected EAP uses
encrypted and authenticated TLS tunnel to encapsulate EAP.

sim – Configures EAP Subscriber Identity Module (SIM). EAP-SIM uses Global System for Mobile
Communications (GSMC) SIM for client authentication and key distribution.

tls – Configures EAP Transport Layer Security (TLS). EAP-TLS is an EAP authentication method that
uses PKI to communicate with a RADIUS server or any other authentication server.

ttls – Configures Tunneled Transport Layer Security (TTLS). EAP-TTLS is an extension of TLS. Unlike
TLS, TTLS does not require every client to generate and install a CA- signed certificate.

NOTE: These options are recursive, and more than one EAP type can be selected. The selected options are

added to the allowed or denied EAP types list.

See also other documents in the category Brocade Computer Accessories: