diff options
| author | Christian Poessinger <christian@poessinger.com> | 2020-12-29 12:04:47 +0100 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2020-12-29 12:04:47 +0100 |
| commit | 91a07725badb093da149f35045ad40d9673ecbbd (patch) | |
| tree | e8aa6a1f583dda9d9fcba773fb0b24bc2fb8fd3f | |
| parent | 1162e00071c9d28b2c86f6ba3a9e4e8b086e8783 (diff) | |
| download | vyos-documentation-91a07725badb093da149f35045ad40d9673ecbbd.tar.gz vyos-documentation-91a07725badb093da149f35045ad40d9673ecbbd.zip | |
ethernet: eapol: use re-includable interface definition
| -rw-r--r-- | docs/_include/interface-eapol.txt | 37 | ||||
| -rw-r--r-- | docs/configuration/interfaces/ethernet.rst | 36 |
2 files changed, 40 insertions, 33 deletions
diff --git a/docs/_include/interface-eapol.txt b/docs/_include/interface-eapol.txt new file mode 100644 index 00000000..68e5073d --- /dev/null +++ b/docs/_include/interface-eapol.txt @@ -0,0 +1,37 @@ +:abbr:`EAP (Extensible Authentication Protocol)` over LAN (EAPoL) is a network +port authentication protocol used in IEEE 802.1X (Port Based Network Access +Control) developed to give a generic network sign-on to access network +resources. + +EAPoL comes with an identify option. We automatically use the interface MAC +address as identity parameter. + +.. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }} + {{ var5 }} {{ var6 }} eapol ca-cert-file <file> + + SSL :abbr:`CA (Certificate Authority)` x509 PEM file used afor authentication + of the remote side. + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} eapol ca-cert-file /config/auth/ca.pem + +.. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }} + {{ var5 }} {{ var6 }} eapol cert-file <file> + + SSL/x509 public certificate file provided by the client to authenticate + against the 802.1x system. + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} eapol cert-file /config/auth/public.pem + +.. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }} + {{ var5 }} {{ var6 }} eapol key-file <file> + + SSL/x509 private certificate file provided by the client to authenticate + against the 802.1x system. + + .. code-block:: none + + set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} eapol key-file /config/auth/private.key diff --git a/docs/configuration/interfaces/ethernet.rst b/docs/configuration/interfaces/ethernet.rst index 4392c1c8..d7bc8518 100644 --- a/docs/configuration/interfaces/ethernet.rst +++ b/docs/configuration/interfaces/ethernet.rst @@ -99,40 +99,10 @@ Offloading Authentication (EAPoL) ---------------------- -:abbr:`EAP (Extensible Authentication Protocol)` over LAN (EAPoL) is a network -port authentication protocol used in IEEE 802.1X (Port Based Network Access -Control) developed to give a generic network sign-on to access network -resources. - -EAPoL comes with an identify option. We automatically use the interface MAC -address as identity parameter. - -.. cfgcmd:: set interfaces ethernet <interface> eapol ca-cert-file <file> - - SSL :abbr:`CA (Certificate Authority)` x509 PEM file used afor authentication - of the remote side. - - .. code-block: none - - set interfaces ethernet eth0 eapol ca-cert-file /config/auth/ca.pem - -.. cfgcmd:: set interfaces ethernet <interface> eapol cert-file <file> - - SSL/x509 public certificate file provided by the client to authenticate - against the 802.1x system. - - .. code-block: none - - set interfaces ethernet eth0 eapol cert-file /config/auth/public.pem - -.. cfgcmd:: set interfaces ethernet <interface> eapol key-file <file> - - SSL/x509 private certificate file provided by the client to authenticate - against the 802.1x system. - - .. code-block: none +.. cmdinclude:: /_include/interface-eapol.txt + :var0: ethernet + :var1: eth0 - set interfaces ethernet eth0 eapol key-file /config/auth/private.key VLAN ==== |