Local RADIUS Termination at the Access Control Engine

How to configure authentication using the Access Control engine RADIUS server to locally terminate 802.1X EAP authentication requests. There are three methods that can be used to do this, depending on the protocol that is used:

  • LDAP Authentication – Uses a backend Active Directory server or LDAP server, and
    RADIUS server and client certificates (if required) to authenticate users.
  • Local Authentication – Uses a local password repository, and RADIUS server and
    client certificates (if required) to authenticate users.
  • RADIUS Certificates only – Uses only RADIUS server and client certificates to
    authenticate users (no password is required).

The chart below lists the hash types supported by each protocol for user password
encryption. Note that PEAP (TLS) is not supported for local RADIUS termination
and is only supported in a proxy RADIUS configuration. If passwords are required, you can then decide whether to use LDAP or local authentication for password verification.

8021xeap

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s