Configuration of 802.1X Authentication on WAP121 and WAP321 Access Points

Available Languages

Download Options

PDF (29.2 KB)
View with Adobe Reader on a variety of devices
ePub (80.2 KB)
View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle) (117.7 KB)
View on Kindle device or Kindle app on multiple devices

Updated:December 10, 2018

Document ID:SMB2008

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Configuration of 802.1X Authentication on WAP121 and WAP321 Access Points

Objective

In 802.1X authentication when a host (also known as the supplicant) tries to connect to a secured network, a network device called the authenticator checks with an authentication server that supports the security protocols, RADIUS and Extensible Authentication Protocol (EAP), to verify the identity of the supplicant. In this way, the network device provides an additional layer of security to the network.

This document explains how to configure the WAP121 and WAP321 access points as a supplicant for 802.1X authentication.

Applicable Devices

• WAP121
• WAP321

Software Version

• 1.0.3.4

802.1X Supplicant Configuration

Step 1. Log in to the web configuration utility and choose System Security > 802.1X Supplicant. The Supplicant Configuration page opens:

Step 2. Check Enable in the Administrative Mode field to enable the device to act as a supplicant in 802.1X authentication.

Step 3. Choose the appropriate type of Extensible Authentication Protocol (EAP) method from the drop-down list in the EAP Method field.

• MD5 — MD5 is an algorithm which is used to encrypt data of any size in to 128 bit, the MD5 algorithm uses public key cryptosystem to encrypt the data.

• PEAP — Protected EAP is an authentication method that provides enhanced security, PEAP authenticates wireless LAN clients through digital certificates issued by the server by creating an encrypted SSL/TLS tunnel between the client and the authentication server.

• TLS — Transport Layer Security (TLS) is a cryptographic protocol that provides security and data integrity for communication over the Internet. When a server and client communicate, TLS ensures that no third party tampers with the original message. Most of the functions of MD5 are used in TLS.

Step 4. Enter the username and password that the access point uses to get authentication from the 802.1X authenticator in the Username and Password fields. The length of the username and password must be from 1 to 64 alphanumeric and symbol characters.

Step 5. Click Save to save the settings.

Note: The Certificate File Status area shows whether the certificate file is present or not. The SSL certificate is a digitally signed certificate by a certificate authority that allows the web browser to have a secure communication with the web server. To manage and configure the SSL certificate refer to the article Secure Socket Layer (SSL) Certificate Management on WAP121 and WAP321 Access Points.

Revision History

Revision	Publish Date	Comments
1.0	10-Dec-2018	Initial Release

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)