Cisco Cisco Cius 4G Guía De Diseño
Cisco Cius Wireless Deployment Guide
22
Extensible Authentication Protocol – Transport Layer Security (EAP-TLS)
Extensible Authentication Protocol Transport Layer Security (EAP-TLS) is using the TLS protocol with PKI to secure
communications to the authentication server.
communications to the authentication server.
TLS provides a way to use certificates for both user and server authentication and for dynamic session key generation.
A certificate is required to be installed.
EAP-TLS provides excellent security, but requires client certificate management.
Ensure that Certificate CN Comparison is selected when enabling EAP-TLS.
A certificate is required to be installed.
EAP-TLS provides excellent security, but requires client certificate management.
Ensure that Certificate CN Comparison is selected when enabling EAP-TLS.
EAP-TLS may also require a user account to be created on the authentication server matching the common name of the
certificate imported into Cisco Cius.
It is recommended to use a complex password for this user account and that EAP-TLS is the only EAP type enabled on the
RADIUS server.
See the
certificate imported into Cisco Cius.
It is recommended to use a complex password for this user account and that EAP-TLS is the only EAP type enabled on the
RADIUS server.
See the
Installing Certificates
section for more information.