H3C交换机dot1X+AD+IAS+CA配置实验(分享错误经历)三
版权声明:原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 、作者信息和本声明。否则将追究法律责任。http://catcity.blog.51cto.com/310698/59943 |
3、IAS 及客户机不同的认证方式配置
经过多次试验,对交换机、IAS和客户机之间的认证方式总结了如下规律,不一定完全正确,还请各位帮忙验证
````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````
交换机认证方式 IAS配置
dot1x authentication-method
````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````
Chap 远程访问策略配置文件
身份验证中选择chap
````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````
pap 远程访问策略配置文件
身份验证中选择pap
````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````
Eap 远程访问策略配置文件
身份验证中无需选择
只要在EAP方法中添加
与客户机认证匹配的方法即可
````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````
````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````
客户机认证方式 IAS配置
````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````
md5质询 远程访问策略配置文件EAP方法中
选择MD5质询
````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````
受保护的EAP 远程访问策略配置文件EAP方法中
选择受保护的EAP
````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````````
智能卡或其它证书 远程访问策略配置文件EAP方法中
选择智能卡或其它证书
总结交换机与IAS,客户机与IAS认证方式可以交叉,互相之间并不影响。 本文出自 “乱窜的猫真实可靠” 博客,请务必保留此出处http://catcity.blog.51cto.com/310698/59943 本文出自 51CTO.COM技术博客 |
乱窜的猫
博客统计信息
热门文章
最新评论
友情链接