vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-10-26 08:41:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

ethernet: eapol: use re-includable interface definition

Browse Source
This commit is contained in:
Christian Poessinger 2020-12-29 12:04:47 +01:00
parent 1162e00071
commit 91a07725ba
2 changed files with 40 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
docs/_include/interface-eapol.txt Normal file
View File

@ -0,0 +1,37 @@
:abbr:`EAP (Extensible Authentication Protocol)` over LAN (EAPoL) is a network
port authentication protocol used in IEEE 802.1X (Port Based Network Access
Control) developed to give a generic network sign-on to access network
resources.
EAPoL comes with an identify option. We automatically use the interface MAC
address as identity parameter.
.. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }}
{{ var5 }} {{ var6 }} eapol ca-cert-file <file>
SSL :abbr:`CA (Certificate Authority)` x509 PEM file used afor authentication
of the remote side.
.. code-block:: none
set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} eapol ca-cert-file /config/auth/ca.pem
.. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }}
{{ var5 }} {{ var6 }} eapol cert-file <file>
SSL/x509 public certificate file provided by the client to authenticate
against the 802.1x system.
.. code-block:: none
set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} eapol cert-file /config/auth/public.pem
.. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }}
{{ var5 }} {{ var6 }} eapol key-file <file>
SSL/x509 private certificate file provided by the client to authenticate
against the 802.1x system.
.. code-block:: none
set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} eapol key-file /config/auth/private.key

36
docs/configuration/interfaces/ethernet.rst
View File

@ -99,40 +99,10 @@ Offloading
Authentication (EAPoL)
----------------------
:abbr:`EAP (Extensible Authentication Protocol)` over LAN (EAPoL) is a network
port authentication protocol used in IEEE 802.1X (Port Based Network Access
Control) developed to give a generic network sign-on to access network
resources.
.. cmdinclude:: /_include/interface-eapol.txt
:var0: ethernet
:var1: eth0
EAPoL comes with an identify option. We automatically use the interface MAC
address as identity parameter.
.. cfgcmd:: set interfaces ethernet <interface> eapol ca-cert-file <file>
SSL :abbr:`CA (Certificate Authority)` x509 PEM file used afor authentication
of the remote side.
.. code-block: none
set interfaces ethernet eth0 eapol ca-cert-file /config/auth/ca.pem
.. cfgcmd:: set interfaces ethernet <interface> eapol cert-file <file>
SSL/x509 public certificate file provided by the client to authenticate
against the 802.1x system.
.. code-block: none
set interfaces ethernet eth0 eapol cert-file /config/auth/public.pem
.. cfgcmd:: set interfaces ethernet <interface> eapol key-file <file>
SSL/x509 private certificate file provided by the client to authenticate
against the 802.1x system.
.. code-block: none
set interfaces ethernet eth0 eapol key-file /config/auth/private.key
VLAN
====