mirror of
https://github.com/vyos/vyos-documentation.git
synced 2025-11-04 00:02:05 +01:00
38 lines
1.4 KiB
Plaintext
38 lines
1.4 KiB
Plaintext
:abbr:`EAP (Extensible Authentication Protocol)` over LAN (EAPoL) is a network
|
|
port authentication protocol used in IEEE 802.1X (Port Based Network Access
|
|
Control) developed to give a generic network sign-on to access network
|
|
resources.
|
|
|
|
EAPoL comes with an identify option. We automatically use the interface MAC
|
|
address as identity parameter.
|
|
|
|
.. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }}
|
|
{{ var5 }} {{ var6 }} eapol ca-cert-file <file>
|
|
|
|
SSL :abbr:`CA (Certificate Authority)` x509 PEM file used afor authentication
|
|
of the remote side.
|
|
|
|
.. code-block:: none
|
|
|
|
set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} eapol ca-cert-file /config/auth/ca.pem
|
|
|
|
.. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }}
|
|
{{ var5 }} {{ var6 }} eapol cert-file <file>
|
|
|
|
SSL/x509 public certificate file provided by the client to authenticate
|
|
against the 802.1x system.
|
|
|
|
.. code-block:: none
|
|
|
|
set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} eapol cert-file /config/auth/public.pem
|
|
|
|
.. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }}
|
|
{{ var5 }} {{ var6 }} eapol key-file <file>
|
|
|
|
SSL/x509 private certificate file provided by the client to authenticate
|
|
against the 802.1x system.
|
|
|
|
.. code-block:: none
|
|
|
|
set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} eapol key-file /config/auth/private.key
|