How to Configure for a TLS Demo Out of the Box8950 AAA Certificate Manager
................................................................................................................................... .........................................................................................................................
365-360-001R6.0
Issue 1, December 2008 22-23
.................................................................................................................................... ........................................................................................................................
Mar 1 22:42 root.pem-rwxrwxrwa 1 Administrators None
2918 Mar 1 22:42 server.pem-rwxrwxrwa 1 Administrators None
944 Mar 1 22:35 trusted.pem
Started SMT....
->..\bin\nrsmt -u admin -p admin -l
Configured PolicyAssistant accepting all of the included samples
defaults up until the Authentication Page.
Expanded EAP section in Authentication types
Selected EAP-TLS, clicked next
Accepted defaults until TLS page. Used info in tls1.jpg.
Accepted defaults for rest and selected save
exited SMT.
Now have policy of:
->cat data.config-info
MyPolicy
PolicyName="MyPolicy"
User-Source="UserFile"
Default-AuthType="EAP-TLS"
Asserted-Auth-Type="FALSE"
Connection-Limit="1"
Policy-Limit="-1"
User-Limit-Scope="Policy"
UserFileName="users"
Proxy-Acct-Enabled="FALSE"
User-Template-Enabled="FALSE"
Session-Templates-Enabled="TRUE"
Policy-Templates-Enabled="TRUE"
Template-FileName="users.templates"
Policy-Session-Template="PPP"
Disposition-On-Missing-Template="success"
EAP-Allowed-Auth-Types="EAP-TLS"
TLS-RsaCertFile="server.pem"
TLS-RsaKeyPassword="test-server"
TLS-TrustedFile="trusted.pem"
TLS-FragmentSize="1012"
Allowed-Transports="/EAP-TLS/EAP-TLS"
Tunnel-Enabled="FALSE"
TTLS-RsaCertFile="server.pem"
TTLS-RsaKeyPassword="test-server"
Accounting-Method="DetailFile"
Accounting-FileName="detail"
Accounting-FileRolloverMode="Monthly"
->..\bin\va start radius -loglevel debug
8950AAA Radius Server starting...
8950AAA Radius Server initialized.