Reference Guide
Parameter
* Global overrides identically-named user profile
** After sign off, user profile returns to global value
Description
**icaBrowsing={udp, http}
Default is http.
Establishes the default browsing protocol. This setting can be
overridden by the parameter HttpBrowsing in each connection
property. The method of browsing selected must match the
method provided by the server(s) being accessed.
This setting in a wnos.ini file will be saved into NVRAM, if
EnableLocal=yes is set in the wnos.ini file.
IEEE8021X={yes, no}
network={wired, wireless}
[Profile=ssid]
[access={WPA-PSK, WPA2-PSK, WPA-ENT, WPA2-ENT}]
[eap={yes, no}]
[servervalidate={yes, no}]
[servercheck={yes, no}]
[servername={"servername for EAP-TLS, EAP-PEAP, EAP-
FAST"}]
[eaptype={None, EAP-LEAP, EAP-TLS, EAP-PEAP, EAP-FAST}]
[leapun={username for EAP-LEAP}]
[leappwd={password for EAP-LEAP}]
[leappwdEnc={password encrypted for EAP-LEAP}]
[tlsauthtype={user, machine}]
[tlsclntcert={client certificate filename for EAP-TLS}]
[tlsclntprikey={filename of certificate with private key for EAP-
TLS}]
[tlsclntprikeypwd={password for private key}]
[tlsclntprikeypwdEnc={password encrypted for private key}]
[peapeap={EAP-MSCHAPV2, EAP-GTC}]
[peapidentity={identity/username for PEAP}]
[peapmschapun={username for EAP-PEAP/ EAP-MSCHAPV2}]
[peapmschappwd={password for EAP-PEAP/EAP-MSCHAPV2}]
[peapmschappwdEnc={password encrypted for EAP-PEAP/EAP-
MSCHAPV2}]
[peapmschapdm={domain for EAP-PEAP/ EAP-MSCHAPV2}]
[peapmschaphidedm={yes,no}]
[peapsinglesignon={yes, no}]
[peapgtcun={username for EAP-PEAP/ EAP-GTC}]
[peapgtcpwd={password for EAP-PEAP/ EAP-GTC}]
[peapgtcpwdEnc={password for encrypted for EAP-PEAP/EAP-
GTC}]
[wpapskpwd={passphrase for WPA-PSK}]
[wpapskpwdEnc={passphrase encrypted for WPA-PSK}]
[wpa2pskpwd={passphrase for WPA2-PSK}]
1.
If IEEE8021X is set to no, then all parameters following it is
ignored.
2. If network is not configured, the configuration is ignored.
3. The key left of equal is case sensitive, and the value right of
equal case is not case sensitive except for credential
information; for example username, password or certificate
filename.
4. If two entries exist in an INI file, one each for wired and
wireless, both will take effect; for example IEEE8021X=yes
network=wired EAP=yes … IEEE8021X=yes network=wireless
access=WPA-ENT …
5. All EAP credential information is stored whatever the eaptype
setting.
6. The default values are underlined.
7. All passwords here should be encrypted.
8. The wildcard server include three entries in INI file. If both the
servervalidate entry and servercheck entry are set to yes, the
servername entry is valid.
9. Server certificate validation is mandatory in EAP-TLS
authentication. If the eaptype entry is set to EAP-TLS, the
servercheck entry must be set to yes.
10. Server list must be included in double quotation marks. For
example IEEE8021X=yes Network=wireless access=WPA2-
ENT eap=yes servervalidate=yes servercheck=yes
servername=";test.com;wireless98; test.com" eaptype=eap-
peap peapeap=eap-mschapv2 peapmschapun=administrator
peapmschappwd=password
.
11. Additional option timeoutretry specifies the retry times when
8021x authentication times out, which means that it is only
validated when the optional network type is wired. For
example, timeoutretry=3 allows you to retry thrice after 8021x
authentication times out.
12. Additional option Profile specifies the type of ssid
authentication to be configured. When we support multiple ssid
wireless settings, the statement ieee8021x must be after the
statement device=wireless, and one additional profile
parameter is needed to identify the type of ssid authentication
which is configured. For example,
#ThinIsIn
Device=Wireless Mode=Infrastructure
SSID=ThinIsInIEEE8021X=yes network=wireless
profile=ThinIsIn access=WPA2-ENT eap=yes eaptype=EAP-
PEAP peapeap=EAP-MSCHAPV2 peapmschapdm=wyse
70
Parameters for wnos INI, {username} INI, and $MAC INI files