Motorola AP-51XX User Manual
Page 283
Configuring Access Point Security
6-65
2.
From within the
Data Source Configuration
field, use the
Data Source
drop-down menu
to select the data source for the Radius server.
3.
Use the
TTLS/PEAP Configuration
field to specify the Radius Server default EAP type,
EAP authentication type and a Server or CA certificate (if used).
Local
An internal user database serves as the data source. Use the
User
Database
screen to enter the user data. For more information, see
Managing the Local User Database on page 6-72
.
LDAP
If LDAP is selected, the switch will use the data in an LDAP server.
Configure the LDAP server settings on the LDAP screen under
Radius Server on the menu tree. For more information, see
Configuring LDAP Authentication on page 6-67
.
NOTE
When using LDAP, only PEAP-GTC and TTLS/PAP are supported.
EAP Type
Use the
EAP Type
checkboxes to enable the default EAP type(s) for
the Radius server. Options include:
•
PEAP - Select the PEAP checkbox to enable both PEAP types
(GTC and MSCHAP-V2) available to the access point. PEAP
uses a TLS layer on top of EAP as a carrier for other EAP
modules. PEAP is an ideal choice for networks using legacy
EAP authentication methods.
•
TTLS - Select the TTLS checkbox to enable all three TTLS
types (MD5, PAP and MSCHAP-V2) available to the access
point.TTLS is similar to EAP-TLS, but the client
authentication portion of the protocol is not performed until
after a secure transport tunnel is established. This allows
EAP-TTLS to protect legacy authentication methods used by
some RADIUS servers.
•
TLS - The TLS checkbox is selected but disabled by default
and resides in the background as it does not contain user
configurable parameters.