Administrator Guide
NOTE: Currently, 802.1x conguration by using the Enable802 INI parameter is supported only for Wired connections and
supported authentications are EAP-PEAP (MSCHAPv2) and EAP-TLS using SCEP.
• Supported seamless 802.1x authentication works with Linux thin clients by using Active Directory domain user credentials for EAP-
MSCHAPv2 authentication, see EAP PEAP MSCHAPv2 Authentication Workow.
• EAP-TLS is certicate-based authentication which uses SCEP for certicate enrollment, see EAP TLS Authentication Workow.
The following diagram depicts communication between the components in an 802.1x Linux thin client solution.
NOTE: EAP-TLS security requires client side and server side certicates for mutual authentication. Every user and client,
including the authentication server that participates in EAP-TLS, must have at least the following two certicates:
• Client certicate signed by the certicate authority (CA).
• Copy of the CA root certicate.
IMPORTANT: Dell recommends you to set INI values for all the 802.1x parameters because these parameters are part of the
persistent registry which will remain across the reboot and if any parameter is not set, it will take the previously set value, which
may show inconsistent behaviors.
Conguring thin client settings locally 37