Here is the configuration for NanoStation (airOS) devices.
MAC address only
When the authentication server is configured to accept network access based on MAC address only, the security configuration in the authenticator (access point) is the following:

and the security configuration in the supplicant is the following:

IEEE802.1X
When the authentication server is configured to accept network access based on username and password only, the security configuration in the authenticator (access point) is the following:

and the security configuration in the supplicant is the following:

Remember to update the fields with the correct information that fit your network infrastructure (e.g., setting the correct username and passwords, authentication server IP address, etc.).
MAC address and IEEE802.1X combined
The security configuration in the airOS authenticator (access point) can be either MAC based or IEEE802.1X but not both at the same time. So, when the authentication server is configured to accept network access based on both MAC address and IEEE802.1X, the infrastructure can hold authenticators with different wireless security. For example, one authenticator configured to accept network access based on supplicant’s MAC addresses and other authenticator configured to accept network access based on supplicant’s username and password.
When the authentication server is configured to accept network access based on both MAC address and IEEE802.1X and both authenticator and supplicant are configured to authenticate using IEEE802.1X, the supplicant also sends the MAC address of the supplicant device to the authentication server, so the authentication server tells authenticator to accept network access based on the MAC address, username and pasword triplet.