Cisco Cisco WAP371 Wireless-AC N Access Point with Single Point Setup 维护手册
System Security
802.1X Supplicant
Cisco Small Business WAP371 Wireless Access Point Administration Guide
140
6
802.1X Supplicant
IEEE 802.1X authentication enables the access point to gain access to a secured wired
network. You can enable the access point as an 802.1X supplicant (client) on the wired
network. A user name and password that are encrypted using the MD5 algorithm can be
configured to allow the access point to authenticate using 802.1X.
network. You can enable the access point as an 802.1X supplicant (client) on the wired
network. A user name and password that are encrypted using the MD5 algorithm can be
configured to allow the access point to authenticate using 802.1X.
On networks that use IEEE 802.1X port-based network access control, a supplicant cannot
gain access to the network until the 802.1X authenticator grants access. If your network uses
802.1X, you must configure 802.1X authentication information on the WAP device, so that it
can supply it to the authenticator.
gain access to the network until the 802.1X authenticator grants access. If your network uses
802.1X, you must configure 802.1X authentication information on the WAP device, so that it
can supply it to the authenticator.
The 802.1X Supplicant page is divided into three areas: Supplicant Configuration, Certificate
File Status, and Certificate File Upload.
File Status, and Certificate File Upload.
The Supplicant Configuration area enables you to configure the 802.1X operational status and
basic settings.
basic settings.
STEP 1
Select System Security > 802.1X Supplicant in the navigation pane.
STEP 2
Click Refresh to update the Certificate file status.
STEP 3
Enter the parameters:
•
Administrative Mode—Enables the 802.1X supplicant functionality.
•
EAP Method—The algorithm to be used for encrypting authentication user names and
passwords.
passwords.
-
MD5—A hash function defined in RFC 3748 that provides basic security.
-
PEAP—Protected Extensible Authentication Protocol, which provides a higher
level of security than MD5 by encapsulating it within a TLS tunnel.
level of security than MD5 by encapsulating it within a TLS tunnel.
-
TLS—Transport Layer Security, as defined in RFC 5216, an open standard that
provides a high level of security.
provides a high level of security.
•
Username—The WAP device uses this username when responding to requests from an
802.1X authenticator. The username can be 1 to 64 characters long. ASCII-printable
characters are allowed, which includes uppercase and lowercase alphabetic letters,
numeric digits, and all special characters except quotation marks.
802.1X authenticator. The username can be 1 to 64 characters long. ASCII-printable
characters are allowed, which includes uppercase and lowercase alphabetic letters,
numeric digits, and all special characters except quotation marks.
•
Password—The WAP device uses this MD5 password when responding to requests
from an 802.1X authenticator. The password can be 1 to 64 characters in length. ASCII-
printable characters are allowed, which includes uppercase and lowercase alphabetic
letters, numeric digits, and all special characters except quotation marks.
from an 802.1X authenticator. The password can be 1 to 64 characters in length. ASCII-
printable characters are allowed, which includes uppercase and lowercase alphabetic
letters, numeric digits, and all special characters except quotation marks.