Appendix D Wireless LANs
VMG1312-B Series User’s Guide
344
EAP-TTLS (Tunneled Transport Layer Service)
EAP-TTLS is an ext ension of t he EAP-TLS aut hent icat ion t hat uses cert ificat es for only t he server-
side aut hent icat ions t o est ablish a secure connect ion. Client aut hent icat ion is t hen done by sending
usernam e and password t hrough t he secure connect ion, t hus client ident it y is prot ect ed. For client
aut hent icat ion, EAP-TTLS support s EAP m et hods and legacy aut hent icat ion m et hods such as PAP,
CHAP, MS- CHAP and MS- CHAP v2.
PEAP (Protected EAP)
Like EAP-TTLS, server- side cert ificat e aut hent icat ion is used t o est ablish a secure connect ion, t hen
use sim ple usernam e and password m et hods t hrough t he secured connect ion t o aut hent icat e t he
client s, t hus hiding client ident it y. However, PEAP only support s EAP m et hods, such as EAP- MD5,
EAP- MSCHAPv2 and EAP- GTC ( EAP- Generic Token Card) , for client aut hent icat ion. EAP- GTC is
im plem ent ed only by Cisco.
LEAP
LEAP ( Light weight Ext ensible Aut hent icat ion Prot ocol) is a Cisco im plem ent at ion of I EEE 802.1x.
Dynamic WEP Key Exchange
The AP m aps a unique key t hat is generat ed wit h t he RADI US server. This key expires when t he
wireless connect ion t im es out , disconnect s or reaut hent icat ion t im es out . A new WEP key is
generat ed each t im e reaut hent icat ion is perform ed.
I f t his feat ure is enabled, it is not necessary t o configure a default encrypt ion key in t he wireless
securit y configurat ion screen. You m ay st ill configure and st ore keys, but t hey will not be used while
dynam ic WEP is enabled.
Not e: EAP- MD5 cannot be used w it h Dynam ic WEP Key Exchange
For added securit y, cert ificat e- based aut hent icat ions ( EAP-TLS, EAP-TTLS and PEAP) use dynam ic
keys for dat a encrypt ion. They are oft en deployed in corporat e environm ent s, but for public
deploym ent , a sim ple user nam e and password pair is m ore pract ical. The following t able is a
com parison of t he feat ures of aut hent icat ion t ypes.
Table 124
Com parison of EAP Aut hent icat ion Types
EAP-MD5
EAP-TLS
EAP-TTLS
PEAP
LEAP
Mut ual Aut hent icat ion
No
Yes
Yes
Yes
Yes
Cert ificat e – Client
No
Yes
Opt ional
Opt ional
No
Cer t ificat e – Ser ver
No
Yes
Yes
Yes
No
Dynam ic Key Exchange
No
Yes
Yes
Yes
Yes
Credent ial I nt egrit y
None
St rong
St rong
St rong
Moderat e
Deploym ent Difficult y
Easy
Hard
Moderat e
Moderat e
Moderat e
Client I dent it y Prot ect ion
No
No
Yes
Yes
No
Summary of Contents for VMG1312-B Series
Page 4: ...Contents Overview VMG1312 B Series User s Guide 4 Troubleshooting 289 ...
Page 14: ...Table of Contents VMG1312 B Series User s Guide 14 ...
Page 15: ...15 PART I User s Guide ...
Page 16: ...16 ...
Page 30: ...Chapter 2 The Web Configurator VMG1312 B Series User s Guide 30 ...
Page 35: ...Chapter 4 Tutorials VMG1312 B Series User s Guide 35 7 Click Apply to save your settings ...
Page 77: ...77 PART II Technical Reference ...
Page 78: ...78 ...
Page 166: ...Chapter 9 Routing VMG1312 B Series User s Guide 166 ...
Page 184: ...Chapter 10 Quality of Service QoS VMG1312 B Series User s Guide 184 ...
Page 210: ...Chapter 13 Interface Group VMG1312 B Series User s Guide 210 ...
Page 226: ...Chapter 15 Firewall VMG1312 B Series User s Guide 226 ...
Page 232: ...Chapter 17 Parental Control VMG1312 B Series User s Guide 232 ...
Page 242: ...Chapter 19 Certificates VMG1312 B Series User s Guide 242 ...
Page 246: ...Chapter 20 Log VMG1312 B Series User s Guide 246 ...
Page 250: ...Chapter 21 Traffic Status VMG1312 B Series User s Guide 250 ...
Page 256: ...Chapter 24 IGMP Status VMG1312 B Series User s Guide 256 ...
Page 260: ...Chapter 25 xDSL Statistics VMG1312 B Series User s Guide 260 ...
Page 262: ...Chapter 26 User Account VMG1312 B Series User s Guide 262 ...
Page 268: ...Chapter 29 TR 064 VMG1312 B Series User s Guide 268 ...
Page 272: ...Chapter 30 Time Settings VMG1312 B Series User s Guide 272 ...
Page 278: ...Chapter 32 Logs Setting VMG1312 B Series User s Guide 278 ...
Page 296: ...Chapter 36 Troubleshooting VMG1312 B Series User s Guide 296 ...
Page 336: ...Appendix C Pop up Windows JavaScripts and Java Permissions VMG1312 B Series User s Guide 336 ...
Page 350: ...Appendix D Wireless LANs VMG1312 B Series User s Guide 350 ...
Page 374: ...VMG1312 B Series User s Guide 374 Index ...