How to Configure 802.1x EAP-TLS to Secure the Wireless Environment with Third-party CA Certificate?
This example shows how to use Android/iOS phone import the third-party certificate to get the wireless connection with 802.1x EAP-TLS protected. We need a certificate which is purchasing by the third-party CA.
1 Generate certificate request on the NXC. Go to CONFIGURATION > Object > Certificate > My certificates, and add a request certificate. In Subject Information, Set the NXC’s IP in the Host IP Address.
In Enrollment Options, select Create a certification request and save it locally for later manual enrollment.
2 Double click the certificate and scroll down the page to copy the Base-64 code, then provide it to the third-party certificate company.
3 After receiving the certificate, import the NXC identity certificate into “My Certificates”, and the REQ certificate will be changed to CERT automatically. Go to CONFIGURATION > Object > Certificate > My Certificates > Import.
4 Import the root CA and Intermediate CA’s certificate (if exits) into “Trusted Certificate”. Go to CONFIGURATION > Object > Certificate > Trusted Certificates > Import.
5 Import the station identity certificate, root CA and Intermediate CA’s certificate (if exits) into the Android/iOS phone. (The station could download the certificates from email, dropbox or a cloud storage space).
Andriod: In step “e”, the Credential use must select Wi-Fi.
iOS: The way is same as import self-signed certificate.
Configure AP profile
1 Go to CONFIGURATION > Object > AP Profile > SSID> Security List, and add a Security profile.
2 Go to CONFIGURATION > Object > AP Profile > SSID> SSID List, and add an SSID profile.
3 Go to CONFIGURATION > Wireless > AP Management > AP Group, and add this SSID into the default group.
Configure Auth. Server
1 Change the certificate to NXC identity certificate from third-party CA. Go to CONFIGURATION > System > Auth. Server > Auth. Server, and the Authentication Server Certificate select NXC.cer.
- 7.7K All Categories
- 1.6K Nebula
- 53 Nebula Ideas
- 53 Nebula Status and Incidents
- 4.3K Security
- 215 Security Ideas
- 900 Switch
- 40 Switch Ideas
- 793 WirelessLAN
- 14 WLAN Ideas
- 5K Consumer Product
- 129 Service & License
- 260 News and Release
- 87 Success Stories
- 49 Security Advisories
- 6 Education Center
- 573 FAQ
- 273 Nebula FAQ
- 132 Security FAQ
- 73 Switch FAQ
- 72 WirelessLAN FAQ
- 7 Consumer Product FAQ
- 34 Nebula Monthly Express
- 67 About Community
- 40 Security Highlight