Kron PAM GUI Configuration

configurations in the kron pam gui are required as well create users and user groups (see sections docid\ pfhvdxn 6ljl73osascut and docid 05dtjyq4pgfvev5idalog ) create device groups and add new devices to device groups (see sections docid\ herw3upzrbaopltax3faj and docid\ z3 txauo9otqiz8j0r1gt ) create device group realms with the user groups and device groups defined in the previous steps (see section docid\ w7zy5pzbqla8wnuascfzw ) the devices added in step 2 must correspond to the last destination ip that sends an authentication request to kron pam for example, wireless lan controller, firewall, etc define the authenticator secret key as globalsecretkey on the device group properties (see section docid\ sk53fcyfcdzx5kdam8pkx ) navigate to administration > radius 802 1x config choose an eap typ e (only peap is currently available) fill in the fields certificate authority pem , certificate private key pem (which includes certificate and private key), and certificate private key password if dynamic vlan and mac filtering are to be activated, the box(es) should be checked (see section docid\ snjc wvzjlvyv5lz wedk ) vlans can be dynamically assigned by a radius server to applicants requesting 802 1x authentication through that server if dynamic vlan is assigned to applicants, the following 2 settings must be set in kron pam check the dynamic vlan box in the 802 1x config screen the radius attribute policy should be defined on the related user group as vlan interval see section docid\ xir26yctlhu08ddsznfx check the add kron pam server to active directory box and fill in the required fields