Appendix E Wireless LANs
P-2812HNU-51c User’s Guide
397
authentication method does not support data encryption with dynamic session
key. You must configure WEP encryption keys for data encryption.
EAP-TLS (Transport Layer Security)
With EAP-TLS, digital certifications are needed by both the server and the wireless
clients for mutual authentication. The server presents a certificate to the client.
After validating the identity of the server, the client sends a different certificate to
the server. The exchange of certificates is done in the open before a secured
tunnel is created. This makes user identity vulnerable to passive attacks. A digital
certificate is an electronic ID card that authenticates the sender’s identity.
However, to implement EAP-TLS, you need a Certificate Authority (CA) to handle
certificates, which imposes a management overhead.
EAP-TTLS (Tunneled Transport Layer Service)
EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for
only the server-side authentications to establish a secure connection. Client
authentication is then done by sending username and password through the
secure connection, thus client identity is protected. For client authentication, EAP-
TTLS supports EAP methods and legacy authentication methods such as PAP,
CHAP, MS-CHAP and MS-CHAP v2.
PEAP (Protected EAP)
Like EAP-TTLS, server-side certificate authentication is used to establish a secure
connection, then use simple username and password methods through the
secured connection to authenticate the clients, thus hiding client identity.
However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2
and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is
implemented only by Cisco.
LEAP
LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of
IEEE 802.1x.
Dynamic WEP Key Exchange
The AP maps a unique key that is generated with the RADIUS server. This key
expires when the wireless connection times out, disconnects or reauthentication
times out. A new WEP key is generated each time reauthentication is performed.
If this feature is enabled, it is not necessary to configure a default encryption key
in the wireless security configuration screen. You may still configure and store
keys, but they will not be used while dynamic WEP is enabled.
Summary of Contents for P-2812HNU-51c
Page 2: ......
Page 8: ...Safety Warnings P 2812HNU 51c User s Guide 8 ...
Page 10: ...Contents Overview P 2812HNU 51c User s Guide 10 ...
Page 19: ...19 PART I User s Guide ...
Page 20: ...20 ...
Page 73: ...73 PART II Technical Reference ...
Page 74: ...74 ...
Page 88: ...Chapter 4 Status Screens P 2812HNU 51c User s Guide 88 ...
Page 118: ...Chapter 5 WAN Setup P 2812HNU 51c User s Guide 118 ...
Page 204: ...Chapter 9 Voice P 2812HNU 51c User s Guide 204 ...
Page 210: ...Chapter 10 File Sharing P 2812HNU 51c User s Guide 210 ...
Page 216: ...Chapter 11 Firewall P 2812HNU 51c User s Guide 216 ...
Page 223: ...Chapter 12 Certificate P 2812HNU 51c User s Guide 223 Figure 99 Certificate Details ...
Page 232: ...Chapter 13 Static Route P 2812HNU 51c User s Guide 232 ...
Page 236: ...Chapter 14 Policy Forwarding P 2812HNU 51c User s Guide 236 ...
Page 252: ...Chapter 16 Quality of Service QoS P 2812HNU 51c User s Guide 252 ...
Page 274: ...Chapter 19 Universal Plug and Play UPnP P 2812HNU 51c User s Guide 274 ...
Page 284: ...Chapter 21 Interface Group P 2812HNU 51c User s Guide 284 ...
Page 288: ...Chapter 22 System Settings P 2812HNU 51c User s Guide 288 ...
Page 292: ...Chapter 23 Logs P 2812HNU 51c User s Guide 292 ...
Page 300: ...Chapter 24 Tools P 2812HNU 51c User s Guide 300 ...
Page 320: ...Chapter 27 Product Specifications P 2812HNU 51c User s Guide 320 ...
Page 336: ...Appendix A Network Troubleshooting P 2812HNU 51c User s Guide 336 ...
Page 376: ...Appendix C Pop up Windows JavaScripts and Java Permissions P 2812HNU 51c User s Guide 376 ...
Page 388: ...Appendix D IP Addresses and Subnetting P 2812HNU 51c User s Guide 388 ...