Cisco 7921G Administration Guide - Page 94
Configuring PEAP, Before You Begin, Enabling PEAP Authentication - web protection
UPC - 882658123108
View all Cisco 7921G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 94 highlights
Configuring Network Profiles Chapter 4 Using the Cisco Unified Wireless IP Phone 7921G Web Pages Step 3 Step 4 On the ACS Certification Authority Setup page, add the Manufacturing Root Certificate and Manufacturing CA Certificate to the ACS server. Enable both the Manufacturing Root Certificate and Manufacturing CA Certificate in the ACS Certificate Trust List. Configuring PEAP Protected Extensible Authentication Protocol (PEAP) uses server-side public key certificates to authenticate clients by creating an encrypted SSL/TLS tunnel between the client and the authentication server. Note The authentication server validation can be enabled by importing the authentication server certificate. Before You Begin Before you configure PEAP authentication for the phone, make sure these Cisco Secure ACS requirements are met: • The ACS root certificate must be installed • Enable the Allow EAP-MSCHAPv2 setting • User account and password must be configured • For password authentication, you can use the local ACS database or an external one (such as Windows or LDAP) Enabling PEAP Authentication To enable PEAP authentication on the phone, follow these steps: Procedure Step 1 Step 2 From the phone configuration web page, choose PEAP as the authentication mode. See Configuring the Authentication Mode, page 4-15. Enter a user name and password. Enabling PEAP (MS-CHAPv2) Server Certificate Authentication To enable server identity validation, follow these steps: Procedure Step 1 From the Network Profile Advance Profile page, choose PEAP as the security mode in the WLAN Security section. 4-24 Cisco Unified Wireless IP Phone 7921G Administration Guide for Cisco Unified Communications Manager Release 7.0 OL-15985-01