The 802.1x Supplicant Configuration page authenticates the device on a network using 802.1x.

802.1x can be configured to use different authentication mechanisms such as L2 Ethernet for its authentication, but will typically not be able to authenticate over a VLAN.

  1. Choose Network > 802.1X Supplicant

  2. Configure settings using the information in the following table as a guide. When you have finished configuring settings, click Submit to make your changes take effect.


802.1X Supplicant Configuration Parameters

ItemDescription
Interface

Select an interface from the Interface drop-down list:

  • eth1 (default)
  • eth0 (VID=1)

Due to a hardware limitation, authenticating over the LAN port is not supported on the EdgeMarc 2900aPoE, 2900ePoE, 4508POE and 4608POE.

Enable 802.1X supplicantSelect the Enable 802.1X supplicant check-box to enable the 802.1X supplicant.
Anonymous IdentityEnter an anonymous ID.
IdentityEnter a username to use with FAST Phase 2 authentication.
PasswordEnter a password to use with FAST Phase 2 or MD5 authentication. 
EAP

Selects the Extensible Authentication Protocol (EAP) authentication protocol for your system.

Choose an authentication protocol for your system from the EAP drop-down list:

  • MD5—EAP-MD5 password protection only. Provides authentication of the EAP peer to the EAP server but not mutual authentication. Least secure connection and not suitable for dynamic WEP, or WPA/WPA2 enterprise.
  • PEAP—Protected Extensible Authentication Protocol (PEAP) with PEAP-MSCHAPv2. PEAP encapsulates the EAP within an encrypted and authenticated TLS tunnel.
  • FAST—EAP-FAST (Flexible Authentication via Secure Tunneling) allows mutual authentication of peer and server.

Note: Both PEAP and FAST tunnels the authentication data, providing more options for security:

  • Phase 1—Validates the tunnel. Only MD5 authentication is supported.
  • Phase 2—Authenticates within the tunnel. The username and password used are “Identity” and “Password.”