Abocom None ユーザーズマニュアル
-
15 -
EAP Method:
• PEAP: Protect Extensible Authentication Protocol. PEAP transport
securely authentication data by using tunnelling between PEAP
clients and an authentication server. PEAP can authenticate wireless
LAN clients using only server-side certificates, thus simplifying the
implementation and administration of a secure wireless LAN.
clients and an authentication server. PEAP can authenticate wireless
LAN clients using only server-side certificates, thus simplifying the
implementation and administration of a secure wireless LAN.
• TLS / Smart Card: Transport Layer Security. Provides for
certificate-based and mutual authentication of the client and the
network. It relies on client-side and server-side certificates to perform
authentication and can be used to dynamically generate user-based
and session-based WEP keys to secure subsequent communications
between the WLAN client and the access point.
network. It relies on client-side and server-side certificates to perform
authentication and can be used to dynamically generate user-based
and session-based WEP keys to secure subsequent communications
between the WLAN client and the access point.
• TTLS: Tunnelled Transport Layer Security. This security method
provides for certificate-based, mutual authentication of the client and
network through an encrypted channel. Unlike EAP-TLS, EAP-TTLS
requires only server-side certificates.
network through an encrypted channel. Unlike EAP-TLS, EAP-TTLS
requires only server-side certificates.
• EAP-FAST: Flexible Authentication via Secure Tunnelling. It was
developed by Cisco. Instead of using a certificate, mutual
authentication is achieved by means of a PAC (Protected Access
Credential) which can be managed dynamically by the authentication
server. The PAC can be provisioned (distributed one time) to the
client either manually or automatically. Manual provisioning is
delivery to the client via disk or a secured network distribution
method. Automatic provisioning is an in-band, over the air,
distribution. For tunnel authentication, only support "Generic Token
Card" authentication now.
authentication is achieved by means of a PAC (Protected Access
Credential) which can be managed dynamically by the authentication
server. The PAC can be provisioned (distributed one time) to the
client either manually or automatically. Manual provisioning is
delivery to the client via disk or a secured network distribution
method. Automatic provisioning is an in-band, over the air,
distribution. For tunnel authentication, only support "Generic Token
Card" authentication now.
• MD5-Challenge: Message Digest Challenge. Challenge is an EAP
authentication type that provides base-level EAP support. It provides
for only one-way authentication - there is no mutual authentication of
wireless client and the network. (Only Open and Shared
authentication mode can use this function.)
for only one-way authentication - there is no mutual authentication of
wireless client and the network. (Only Open and Shared
authentication mode can use this function.)
Tunnel Authentication:
• Protocol: Tunnel protocol, List information including
EAP-MSCHAP v2, EAP-TLS/ Smart Card, and Generic Token
Card.
Card.
• Tunnel Identity: Identity for tunnel.
• Tunnel Password: Password for tunnel.
Session Resumption: Reconnect the signal while broken up, to reduce
the packet and improve the transmitting speed. Users can click the box to
enable or disable this function.
the packet and improve the transmitting speed. Users can click the box to
enable or disable this function.
ID\PASSWORD tab: