
5-25
Cisco Wireless LAN Controller Configuration Guide
OL-13826-01
Chapter 5 Configuring Security Solutions
Configuring Local EAP
Step 4 Follow these steps to specify the order in which user credentials are retrieved from the backend database
servers:
a. Click Security > Local EAP > Authentication Priority to open the Priority Order > Local-Auth
page (see Figure 5-17).
Figure 5-17 Priority Order > Local-Auth Page
b.
Determine the priority order in which user credentials are to be retrieved from the local and/or LDAP
databases. For example, you may want the LDAP database to be given priority over the local user
database, or you may not want the LDAP database to be considered at all.
c. When you have decided on a priority order, highlight the desired database. Then use the left and
right arrows and the Up and Down buttons to move the desired database to the top of the right User
Credentials box.
Note If both LDAP and LOCAL appear in the right User Credentials box with LDAP on the top
and LOCAL on the bottom, local EAP attempts to authenticate clients using the LDAP
backend database and fails over to the local user database if the LDAP servers are not
reachable. If the user is not found, the authentication attempt is rejected. If LOCAL is on the
top, local EAP attempts to authenticate using only the local user database. It does not fail
over to the LDAP backend database.
d. Click Apply to commit your changes.
Step 5 Follow these steps to specify a timeout value for local EAP:
a. Click Security > Local EAP > General to open the General page.
b. In the Local Auth Active Timeout field, enter the amount of time (in seconds) that the controller
attempts to authenticate wireless clients using local EAP after any pair of configured RADIUS
servers fail. The valid range is 1 to 3600 seconds, and the default setting is 1000 seconds.
c. Click Apply to commit your changes.
Step 6 Follow these steps to create a local EAP profile, which specifies the EAP authentication types that are
supported on the wireless clients:
a. Click Security > Local EAP > Profiles to open the Local EAP Profiles page (see Figure 5-18).
Komentáře k této Příručce