...
- Be valid and signed by an authority, which is trusted by the device running User Manager
- Have the user name in the Common Subject Alt Name (CN) fieldSAN) field. For backward compatibility, you can also add it in the CN field. For more information please see: https://datatracker.ietf.org/doc/html/rfc5216#section-5.2
Finally, the WPA3 enterprise specification includes an extra secure mode, which provides 192-bit cryptographic security.
...
Code Block | ||||
---|---|---|---|---|
| ||||
# Configuring radius client /radius add address=10.0.0.10 secret="Use a secure password generator for this" service=wireless timeout=1s /radius incoming set accept=yes # Adding a security profile and applying it to wireless interfaces /interface/wireless/security-profile add name=radius mode=dynamic-keys authentication-types=wpa2-eap /interface/wireless set [find] security-profile=radius |
...
Code Block | ||||
---|---|---|---|---|
| ||||
# Configuring radius client
/radius
add address=10.0.0.10 secret="Use a secure password generator for this too" service=wireless timeout=1s
/radius incoming
set accept=yes
# Configuring enabled authentication types. Can also be done via a security profile, but note that interface properties, if specified, override profile properties
/interface/wifiwave2 set [find] security.authentication-types=wpa2-eap,wpa3-eap |
...