Configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

434

Configuration procedure

NOTE:
•

To implement local EAP authentication and authorization for 802.1X users, make sure that port security
is enabled and 802.1X authentication uses the EAP authentication mode.

•

To use the authentication method of EAP-TLS, configure the network properties of the connection and the
client certificate properly on the client.

•

For more information about how to configure PKI domain test, requesting a local certificate, and
retrieving a CA certificate, see "

Managing certificates

."

1.

Configure local user usera:

a.

Select Authentication > Users from the navigation tree.

b.

Click Add.

c.

Enter the username usera and password 1234, and select the service type LAN-Access.

d.

Click Apply.

Figure 460 Local user configuration page

2.

Configure the ISP domain system to use local authentication and local authorization.
The ISP domain system uses local authentication and local authorization by default. For the
configuration procedure, see "

Configuring AAA

."

3.

Enable the EAP server, configure the authentication method as TLS, and the PKI domain as test:

a.

Select Authentication > Local EAP Server from the navigation tree.

b.

Select Enabled for Status.

c.

Select TLS from the Available methods list and click << to add TLS to the Selected methods list.