client joins the WLAN. If not, the client remains blocked. Subsequent handshake then takes place
between the WLAN phone and the AP, to complete the process of authentication, establishing and
installing the TKIP encryption keys. As the WLAN phone begins WiFi communication, encryption
protects the data exchanged between the phone and the AP.
The following table illustrates the comparison among different EAP authentication types:
PEAP
EAP-TLS
EAP-TTLS
User Authentication
Database and Server
OTP, LDAP, NDS,
NT Domains, Active
Directory
LDAP, NT Domains,
Active Directory
OTP, LDAP, NDS,
NT Domains, Active
Director
Native Operating
System Support
1
Windows XP, 2000
Windows XP, 2000
Windows XP, 2000,
ME, 98, WinCE,
Pocket PC2000,
Mobile 2003
User Authentication
Method
Password or OTP
2 3
Digital Certificate
Password or OTP
4
Authentication
Transaction
Overhead
Moderate Substantial
Moderate
Management
Deployment
Complexity
Moderate.
Digital Certificate For
Server
Substantial.
Digital Certificate Per
Client and For
Server
Moderate.
Digital Certificate For
Server
Single Sign On
Yes
5
Yes Yes
Table 8. WPA encryption description
L
Note
1. Other operating systems can be supported with
supplicants.
2. OTP and Token are types of 2-Factor authentication.
3. Requires a server side certificate.
4. OTP and Token are types of 2-Factor authentication.
5.
Microsoft PEAP (EAP-MSCHAPv2) affords single sign on for
Windows. Other supplicants may afford other single sign
on login mechanisms.
To obtain an certificate containing your personal credentials to the WLAN phone, you can either
download it from your network carrier’s web site, or install it with any floppy disks that your network
carrier release to you together with the WLAN phone. To add the certificate on to the phone, please
118