Reference11r2:Interfaces/ETH/802.1X: Difference between revisions

From innovaphone wiki
Jump to navigation Jump to search
← Older edit
VisualWikitext
m correcting proxy logoff mechanism
No edit summary
 
Line 18: Line 18:
[[Concept_802.1X|Concept 802.1X]]
[[Concept_802.1X|Concept 802.1X]]


[[Howto:802.1X_EAP-TLS_With_FreeRadius|Howto article: 802.1X EAP-TLS With FreeRadius]]
[[Howto11r1:802.1X_EAP-TLS_With_FreeRadius|Howto article: 802.1X EAP-TLS With FreeRadius]]


[[Howto:Security_works_with_innovaphone#802.1X_port_security|Howto article:Security_works_with_innovaphone]]
[[Howto:Security_works_with_innovaphone#802.1X_port_security|Howto article:Security_works_with_innovaphone]]

Latest revision as of 15:10, 14 November 2024

EAP-MD5
  • User Enter the user/identity to authenticate with.
  • Password Enter the shared secret for the MD5 challenge/response handshake.
EAP-TLS

The EAP-MD5 settings are going to reused for EAP-TLS needs. I.e. there's currently no extra setting for EAP-TLS. The configuration for an actual certificate, being fed into the EAP-TLS session, can be found at General/Certificates/Device Certificate.

  • User Enter the user/identity[1] to be sent within the EAP Identity request.[2]
  • Password Enter arbitrary content.[2]
  • General/Certificates/Device Certificate
Proxy-Logoff

If the phone's PC-port got disconnected, EAPOL-Logoff messages are going to be sent on behalf of participants that were connected to the phone's PC-port. An EAPOL-Logoff will be sent for each MAC-address learned from traversing EAPOL-Start messages.

Notes

  1. EAP-TLS doesn't mandate that identity to necessarily be the same as the certificates subject/CN
  2. 2.0 2.1 A non-empty user/password just serves as an "on"-switch

Related Articles

Concept 802.1X

Howto article: 802.1X EAP-TLS With FreeRadius

Howto article:Security_works_with_innovaphone

Retrieved from "https://wiki.innovaphone.com/index.php?title=Reference11r2:Interfaces/ETH/802.1X&oldid=74118"