![]() By using the “all” keyword you can verify both dot1x credential & eap profile configurations. You can verify your EAP Profile configuration as shown below. WORD Specify a profile name (max 32 characters)ĭot1x-credential Configure 802.1X credentials profileĪP3802#configure eap-profile MRN-PRO methodĪP3802# configure eap-profile MRN-PRO method peapĪP3802#configure eap-profile MRN-PRO trustpointĪP3802#configure eap-profile MRN-PRO trustpoint nameĪP3802# configure eap-profile MRN-PRO trustpoint name MRN_TRUSTĪP3802# configure eap-profile MRN-PRO dot1x-credential MRN-CRD You have to link your dot1x credential profile configured under the previous step. Next, you can configure an EAP-Profile & specify EAP method you would like to use and attach trust point to that EAP profile. AP3802#configure dot1x credentialĪP3802#configure dot1x credential MRN-CRDĭelete Delete the dot1x credential profileĪP3802#configure dot1x credential MRN-CRD username wgbĪP3802# configure dot1x credential MRN-CRD username wgb password xxxx ![]() You can delete a configured profile using the “delete” keyword after the credential profile name using the same config line. You can configure 802.1X credential profile as shown below. ![]() Signature Algorithm: sha256WithRSAEncryption You can verify certificate details as shown below (not shown the complete output) AP3802# show crypto pki trustpointĬA-Cert file : /storage/wbridge_pki_cert/MRN_TRUST/MRN_TRUST_ca.pemĬlient-Cert file : /storage/wbridge_pki_cert/MRN_TRUST/MRN_TRUST_client.pem PKI trustpoint configuration has been saved successfully And end with the word "quit" on a line by itself.Ĭertificate has the following attributes: AP3802# configure crypto pki trustpoint MRN_TRUSTĪllow-expired-cert Allow expired certificates to be acceptedĪP3802# configure crypto pki trustpoint MRN_TRUST enrollment terminalĪP3802# configure crypto pki trustpoint MRN_TRUST authenticate By using the “authenticate” option you can load the CA root certificate on to WGB. In this case enrollment type is chosen as “terminal”. You can configure Trust Point and associated parameters as shown below. It is a good idea to syn it with a NTP server AP3802# configure clockĪP3802# configure clock set 14:21:19 7 4 2020ĪP3802# configure ntp server 192.168.100.1 You can do it by using “ configure clock” CLI command. It is important to configure accurate time, especially if you are using 802.1X. Ssid-profile Configure SSID profile information You can see different configuration options available shown below AP3802#configure ?ĭot1x IEEE 802.1X global configuration commandsĮap-profile EAP global configuration commands Once converted to WGB, you can do configurations simply start command with the “configure” keyword. WGB is a wireless client that serve as nonroot ap for wired clients.ĪP is the Master/CAPWAP AP, system will need a reboot when ap type is changed to Workgroup-bridge Switch to Workgroup Bridge(WGB) AP type Mobility-express Switch to Mobility Express AP type AP will be reloaded & then you can configure WGB specific configurations.
0 Comments
Leave a Reply. |