Configuring Access Point Security 6-63
3. Use the TTLS/PEAP Configuration field to specify the Radius Server default EAP type,
EAP authentication type and a Server or CA certificate (if used).
LDAP If LDAP is selected, the switch will use the data in an LDAP server.
Configure the LDAP server settings on the LDAP screen under
RADIUS Server on the menu tree. For more information, see
Configuring LDAP Authentication on page 6-65.
EAP Type Use the EAP Type checkboxes to enable the default EAP type(s) for
the RADIUS server. Options include:
• PEAP - Select the PEAP checkbox to enable both PEAP
types (GTC and MSCHAP-V2) available to the AP-5131.
PEAP uses a TLS layer on top of EAP as a carrier for
other EAP modules. PEAP is an ideal choice for
networks using legacy EAP authentication methods.
• TTLS - Select the TTLS checkbox to enable all three
TTLS types (MD5, PAP and MSCHAP-V2) available to
the AP-5131.TTLS is similar to EAP-TLS, but the client
authentication portion of the protocol is not performed
until after a secure transport tunnel is established. This
allows EAP-TTLS to protect legacy authentication
methods used by some RADIUS servers.
• TLS - The TLS checkbox is selected but disabled by
default and resides in the background as it does not
contain user configurable parameters.