Users Guide
132 | Authentication and Authorization Dell Networking W-ClearPass Policy Manager 6.3 |User Guide
In tunneled EAP methods, authentication and posture credential exchanges occur inside of a protected outer tunnel.
Table 48:
Policy Manager Supported Authentication Methods
EAP Non-EAP
Tunneled l EAP Protected
EAP (EAP-PEAP)
l EAP Flexible
Authentication
Secure Tunnel
(EAP-FAST)
l EAP Transport
Layer Security
(EAP-TLS)
l EAP Tunneled
TLS (EAP-TTLS)
Non-
Tunneled
l EAP Message
Digest 5 (EAP-
MD5)
l EAP Microsoft
Challenge
Handshake
Authentication
Protocol version 2
(EAP-
MSCHAPv2)
l EAP Generic
Token Card (EAP-
GTC)
l Challenge Handshake Authentication Protocol (CHAP)
l Password Authentication Protocol (PAP)
l Microsoft CHAP version 1 and version 2
l MAC Authentication Method (MAC-AUTH)
MAC-AUTH must be used exclusively in a MAC-based
Authentication Service. If the MAC_AUTH method is selected,
Policy Manager makes internal checks to verify that the request
is indeed a MAC_Authentication request (and not a spoofed
request).
The Authorize authentication method does not fit into any of these categories.
From the Services page (Configuration > Services), you can configure authentication for a new service (as part of the
flow of the Add Service wizard), or modify an existing authentication method directly (Configuration >
Authentication > Methods, then click on its name in the Authentication Methods listing).
If you click Add New Authentication Method from any of these locations, Policy Manager displays the Add
Authentication Method popup.
Depending on the Type selected, different tabs and fields appear.
For more information, see:
l "Authorize" on page 133
l "CHAP and EAP-MD5" on page 134
l "EAP-FAST " on page 136
l "EAP-GTC" on page 141
l "EAP-MSCHAPv2" on page 142
l "EAP-PEAP" on page 142