H3C Technologies H3C Intelligent Management Center User Manual

401

Access user type

Supported authentication certificate types and subtypes

Guest

•

EAP-TLS

•

EAP-TTLS

•

EAP-PEAP-MSCHAPv2

•

EAP-PEAP-MD5

•

EAP-PEAP-GTC

LDAP user

All LDAP users support EAP-PEAP-MD5 and EAP-PEAP-GTC.
When the LDAP server uses Windows Active Directory (AD), LDAP users support
EAP-PEAP-MSCHAPv2.

Mute terminal user

Does not support certificate authentication.

2.

Configure the access device.

{

802.1X access uses an EAP relay agent. For more information about configuring 802.1X access
and RADIUS authentication on the access device, see the configuration guide of the access

device.

{

Portal access requires the access device to support EAP authentication. Only on HP Comware
and H3C devices meet this requirement. For information about configuring portal access and

RADIUS authentication on the access device, see the configuration guide of the access device.

3.

Import the root certificate and client certificate to the user endpoint.
For information about installing client certificates on a PC, see the video configuration example
Certificate-Based 802.1X Authentication.

4.

Create an 802.1X or portal authentication connection in the iNode client of the user endpoint.

a.

Select Enable advanced authentication and Certificate authentication.

Figure 103 Selecting certificate authentication for an 802.1X connection