Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Adding EAP Methods to an Authentication Policy

 

If you want your authentication policy to use one or more EAP methods along with an authentication method, you need to add the EAP methods to the authentication method.

Note

EAP methods must be configured before they can be added to an authentication policy. For details on configuring and enabling EAP methods see Setting Up EAP Methods.

Enabling EAP Methods

Enabling EAP Methods

To add an EAP method to an authentication policy, you must first enable the EAP method.

To enable an EAP method using the Web GUI:

  1. Select RADIUS Configuration > Authentication Policies > EAP Methods.

    The EAP Methods List page (Figure 79) appears.

    Figure 79: EAP Methods List Page
    EAP Methods List Page

  2. Click the Status column of the EAP authentication method entry you want enable and select the appeared check box.

  3. Click Apply to save the configuration.

Activating an EAP Method

Activating an EAP Method

Once the EAP method has been enabled, it becomes available to be activated and added to the authentication policy. You can also specify the order in which you want SBR Carrier to use the EAP method for the authentication policy.

To activate and add an EAP method to an authentication policy using the Web GUI:

  1. In the Authentication Methods page (Figure 78), select the active authentication policy to which you want to add the EAP method and click EAP Setup.

    The Setup EAP for User dialog box for the selected user appears. Figure 80 shows the sample Setup EAP for Native User dialog box.

    Figure 80: Setup EAP for Native User Dialog
    Setup EAP for Native User Dialog
    Note

    You must configure each EAP method using the respective .aut file before the EAP method is displayed in Web GUI.

  2. To activate or deactivate an EAP method, select the method and click the Right or Left arrow to move the method to the corresponding area. To activate or deactivate all authentication method, click or to move all the methods to the corresponding area.

    You can also activate or deactivate an authentication method by dragging the method to the right or left.

    In the example shown in Figure 80, the EAP-TLS method is being activated for the Native User authentication method.

  3. If you select more than one EAP method, you can adjust the order of authentication. Select one of the methods and click the Up or Down arrow to change its order.

  4. If you want to restrict use of this authentication method to requests that contain EAP credentials, select the Use EAP Authentication Only check box.

    When this check box is selected, SBR Carrier prevents the authentication method from being called for any request that does not contain EAP credentials, and bypasses the authentication method if an authentication request specifically requests an EAP protocol that is not listed in the authentication method’s EAP-Type list in the eap.ini file. For more information see EAP-Only Setting.

  5. If you want SBR Carrier to use an automatic EAP helper to generate credentials for a user, select the Handle via Auto-EAP First check box.

    You should clear this check box if an authentication method is capable of handling EAP credentials on its own (without an EAP helper). For more information, see First-Handle-Via-Auto-EAP Setting.

  6. Click OK.

  7. Click Save to save the changes.