3.2.1.3 802.1x Setting-Certification
Parameter Description
Authentication Type
The EAP authentication protocols this card has supported are
included as follows. This setting has to be consistent with the
wireless APs or Routers that the card intends to connect.
PEAP &TTLS
– PEAP and TTLS are similar and easier than TLS
in that they specify a stand-alone authentication protocol be used
within an encrypted tunnel. TTLS supports any protocol within its
tunnel, including CHAP, MS-CHAP, MS-CHAPv2, PAP and
EAP-MD5. PEAP specifies that an EAP-compliant authentication
protocol must be used; this card supports EAP-MSCHAP v2,
EAP-TLS/Smart card and Generic Token Card. The client
certificate is optional required for the authentication.
TLS/Smart Card
–TLS is the most secure of the EAP protocols
but not easy to use. It requires that digital certificates be
exchanged in the authentication phase. The server presents a
certificate to the client. After validating the server’s certificate, the
client presents a client certificate to the server for validation.
MD5-Challenge –
MD5-Challenge is the easiest EAP Type. It
requires the wireless station to enter a set of user name and
password as the identity to RADIUS Server.
Session Resumption
There are “Disabled”, “Reauthentication”, “Roaming”, “SameSsid”
and “Always” selections for you to choose whether to recovery the
session in different status.
Identity
Enter the name as the identity for the server.
Password
Enter the password as the identity for the server.
Use Client Certificate
A client certificate is required for TLS, and is optional for TTLS and
PEAP. This forces a client certificate to be selected from the
appropriate Windows Certificate Store and made available to the
RADIUS server for certification.
18 AirLive WT-2000USB User’s Manual