11-18
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
OL-11350-01
Chapter11 Configuring Authentication Types
Configuring Authentication Types
Creating an EAP Method Profile
Beginning in privileged exec mode, follow these steps to define a new EAP profile:
Use the no command to negate a command or set its defaults.
Use the show eap registrations method command to view the currently available (registered) EAP
methods.
Use the show eap sessions command to view existing EAP sessions.
Applying an EAP Profile to the Fast Ethernet Interface
This operation normally applies to root access points. Beginning in privileged exec mode, follow these
steps to apply an EAP profile to the Fast Ethernet interface:
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 eap profile profile name Enter a name for the profile
Step3 description (Optional)—Enter a description for the EAP profile
Step4 method fast Enter an allowed EAP method or methods.
Note Although they appear as sub-parameters, EAP-GTC,
EAP-MD5, and EAP-MSCHAPV2 are intended as inner
methods for tunneled EAP authentication and should not
be used as the primary authentication method.
Step5 end Return to the privileged EXEC mode.
Step6 copy running config
startup-config
(Optional) Save your entries in the configuration file.
Command Purpose
Step1 configure terminal Enter the global configuration mode.
Step2 interface fastethernet 0 Enter the interface configuration mode for the access point’s Fast
Ethernet port.
You can also use interface fa0 to enter the fast Ethernet
configuration mode.
Step3 dot1x eap profile profile Enter the profile preconfigured profile name.
Step4 end Exit the interface configuration mode.