Configuring EAP-TLS fragmentation

Following is the workflow to configure EAP-TLS fragmentation in a switch:

  • Authenticator Switch/RADIUS client

    • Upgrade your switch to latest version.

    • Enable jumbo frames on the Authenticator switch and Supplicant interface.

    NOTE:

    For more information, see Jumbo frames chapter in the Management and Configuration Guide of your switch.

  • Supplicant/Client (Linux, or Window VM)

    • For a linux VM:

      1. Import root CA certificate, client certificate, and client key files.

      2. Enable jumbo frames on client/switch interface using command: ifconfig eth1 mtu 9000.

      3. Start the supplicant.

    • For a window VM:

      1. Import root CA certificate, and client certificate on the window client.

      2. Enable jumbo frames on window NIC using command: enable jumbo 9182.

      3. Start the supplicant.

  • RADIUS server

    RADIUS server can be a ClearPass server.

    1. Import root CA certificate, server certificate, and server key.pem files.

    2. Start the RADIUS server service.