Configuring EAP-TLS fragmentation
Following is the workflow to configure EAP-TLS fragmentation in a switch:
Authenticator Switch/RADIUS client
Upgrade your switch to latest version.
Enable jumbo frames on the Authenticator switch and Supplicant interface.
NOTE:For more information, see Jumbo frames chapter in the Management and Configuration Guide of your switch.
Supplicant/Client (Linux, or Window VM)
For a linux VM:
Import root CA certificate, client certificate, and client key files.
Enable jumbo frames on client/switch interface using command:
ifconfig eth1 mtu 9000
.Start the supplicant.
For a window VM:
Import root CA certificate, and client certificate on the window client.
Enable jumbo frames on window NIC using command:
enable jumbo 9182
.Start the supplicant.
RADIUS server
RADIUS server can be a ClearPass server.
Import root CA certificate, server certificate, and server
key.pem
files.Start the RADIUS server service.