System Security
802.1X Supplicant
Cisco Small Business WAP551 and WAP561 Wireless-N Access Point 107
6
802.1X SupplicantIEEE 802.1X authentication enables the access point to gain access to a secured
wired network. You can enable the access point as an 802.1X supplicant (client) on
the wired network. A user name and password that are encrypted using the MD5
algorithm can be configured to allow the access point to authenticate using
802.1X.
On networks that use IEEE 802.1X port-based network access control, a
supplicant cannot gain access to the network until the 802.1X authenticator grants
access. If your network uses 802.1X, you must configure 802.1X authentication
information on the WAP device, so that it can supply it to the authenticator.
The 802.1X Supplicant page is divided into three areas: Supplicant Configuration,
Certificate File Status, and Certificate File Upload.
The Supplicant Configuration area enables you to configure the 802.1X
operational status and basic settings.
STEP 1 Select System Security > 802.1X Supplicant in the navigation pane.
STEP 2 Click Refresh to update t he Certif icate file sta tus.
STEP 3 Enter the parameters:
•Administrative Mode—Enables the 802.1X supplicant functionality.
•EAP Method—The algorithm to be used for encrypting authentication user
names and passwords.
-MD5—A hash function defined in RFC 3748 that provides basic security.
-PEAP—Protected Extensible Authentication Protocol, which provides a
higher level of security than MD5 by encapsulating it within a TLS tunnel.
-TLS—Transport Layer Security, as defined in RFC 5216, an open
standard that provides a high level of security.
•Username—The WAP device uses this username when responding to
requests from an 802.1X authenticator. The username can be 1 to 64
characters long. ASCII-printable characters are allowed, which includes
uppercase and lowercase alphabetic letters, numeric digits, and all special
characters except quotation marks.