
Brocade Mobility 7131 Access Point Product Reference Guide (Supporting software release 4.4.0.0 and later) User Manual


53-1002517-01


8. To use the certificate for a VPN tunnel, first define a tunnel and select the IKE settings to use
either RSA or DES certificates. For additional information on configuring VPN tunnels, see
Configuring VPN Tunnels on page 6-216.

Creating a Certificate for Onboard Radius Authentication

The Mobility 7131 Access Point can use its on-board Radius Server to generate certificates to
authenticate MUs for use with the access point. In addition, a Windows 2000 or 2003 Server is
used to sign the certificate before downloading it back to the access point’s on-board Radius server
and loading the certificate for use with the access point.

Both a CA and Self certificate are required for Onboard Radius Authentication. For
information on CA Certificates, see Importing a CA Certificate on page 4-81. Ensure the
certificate is in a Base 64 Encoded format or risk loading an invalid certificate.
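A pre-import check for the Base 64 requirement noted above, as an added example that is not from the Brocade guide: it tells a Base 64 (PEM) certificate file from a binary DER one and converts the latter. The function names and `SAMPLE_DER` are constructed for illustration, and the check covers only the file's outer encoding, not the certificate's contents or signature.

```python
import base64
import binascii
import re

PEM_RE = re.compile(
    rb"-----BEGIN CERTIFICATE-----\s*(.*?)\s*-----END CERTIFICATE-----", re.S)

def der_framing_ok(der: bytes) -> bool:
    """True if der is a single ASN.1 SEQUENCE whose length field spans the buffer."""
    if len(der) < 2 or der[0] != 0x30:          # certificates start with SEQUENCE
        return False
    if der[1] < 0x80:                           # short-form length
        header, length = 2, der[1]
    else:                                       # long form: next n bytes hold the length
        n = der[1] & 0x7F
        if n == 0 or n > 4 or len(der) < 2 + n:
            return False
        header, length = 2 + n, int.from_bytes(der[2:2 + n], "big")
    return header + length == len(der)

def classify(data: bytes) -> str:
    """Return 'base64', 'der' or 'invalid' for the bytes of a certificate file."""
    match = PEM_RE.search(data)
    if match is None:
        return "der" if der_framing_ok(data) else "invalid"
    try:
        body = base64.b64decode(b"".join(match.group(1).split()), validate=True)
    except binascii.Error:                      # non-alphabet characters or bad padding
        return "invalid"
    return "base64" if der_framing_ok(body) else "invalid"

def to_base64(data: bytes) -> bytes:
    """Return the certificate in Base 64 (PEM) form, converting from DER if needed."""
    kind = classify(data)
    if kind == "invalid":
        raise ValueError("not a well-formed Base 64 or DER certificate file")
    if kind == "base64":
        return data
    b64 = base64.b64encode(data).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return ("-----BEGIN CERTIFICATE-----\n" + "\n".join(lines)
            + "\n-----END CERTIFICATE-----\n").encode("ascii")

# Constructed stand-in: a valid outer DER header over zero bytes, not a real certificate.
SAMPLE_DER = bytes([0x30, 0x82, 0x01, 0x00]) + bytes(256)

if __name__ == "__main__":
    pem = to_base64(SAMPLE_DER)
    print(classify(SAMPLE_DER), classify(pem), classify(pem[:-40]))
```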

CAUTION

If using the Radius time-based authentication feature to authenticate access point user
permissions, ensure the access point’s time is synchronized with the CA server used to generate
certificate requests.

CAUTION

Self certificates can only be generated using the access point GUI and CLI interfaces. No
functionality exists for creating a self-certificate using the access point’s SNMP configuration
option.

To create a self certificate for on-board Radius authentication:

1. Select System Configuration -> Certificate Mgmt -> Self Certificates from the Mobility 7131
Access Point menu tree.

2. Click on the Add button to create the certificate request.

The Certificate Request screen displays.

3. Complete the request form with the pertinent information.

Key ID (required)

Enter a logical name for the certificate to help distinguish between certificates. The name
can be up to 7 characters in length.

Subject (required)

The required Subject value contains important information about the certificate. Contact
the CA signing the certificate to determine the content of the Subject parameter.

Department

Optionally enter a value for your organization’s department name if you need to
differentiate the certificate from similar certificates used in other departments within your
organization.

Organization

Optionally enter the name of your organization for supporting information for the certificate
request.

City

Optionally enter the name of the City where the access point (using the certificate) resides.

State

Optionally enter the name of the State where the access point (using the certificate)
resides.