Psion Inc 7505BTHC25 ユーザーズマニュアル
Appendix A: Summit Client Utility (SCU)
EAP Credentials
iKôn Rugged PDA (Windows Mobile 6) User Manual
A-5
•
EAP-MSCHAPV2, resulting in PEAP-MSCHAP: This is appropriate for use against
Windows Active Directory and domains.
•
EAP-GTC, resulting in PEAP-GTC: This is for authentication with one-time passwords
(OTPs) against OTP data bases such as SecureID.
•
LEAP: Is an authentication method for use with Cisco WLAN access points. LEAP
does not require the use of server or client certificates. LEAP supports Windows Active
Directory and domains but requires the use of strong passwords to avoid vulnerability to
off-line dictionary attacks.
•
EAP-FAST: Is a successor to LEAP and does not require strong passwords to protect
against off-line dictionary attacks. Like LEAP, EAP-FAST does not require the use of
server or client certificates and supports Windows Active Directory and domains.
SCU EAP Types
The following EAP types are supported by the integrated supplicant and can be configured
in SCU: PEAP-MSCHAP, PEAP-GTC, LEAP and EAP-FAST. With each of these four
types, if authentication credentials are not stored in the config, you will be prompted to enter
credentials the first time the radio attempts to associate to an access point that supports
802.1X (EAP).
Consider the following when configuring one of the EAP types:
•
The following EAP types are supported by the integrated supplicant and can be configured
in SCU: PEAP-MSCHAP, PEAP-GTC, LEAP and EAP-FAST. With each of these four
types, if authentication credentials are not stored in the config, you will be prompted to enter
credentials the first time the radio attempts to associate to an access point that supports
802.1X (EAP).
Consider the following when configuring one of the EAP types:
•
PEAP-GTC: SCU supports static (login) passwords only.
•
LEAP: Strong passwords are recommended.
•
EAP-FAST: SCU supports automatic, not manual, PAC provisioning.
EAP-TLS will work with a 802.11b/g radio module when Windows Zero Config (WZC)
rather than the SCU is used to configure the type. With WZC, the native Windows suppli-
cant instead of the SCU integrated supplicant is used.
rather than the SCU is used to configure the type. With WZC, the native Windows suppli-
cant instead of the SCU integrated supplicant is used.
A.3.2
EAP Credentials
Keep the following in mind when defining security settings:
•
•
If the credentials specified in the config are incorrect and that config is used, the authen-
tication fails without an error message; you will not be prompted to enter correct
credentials.
•
If the credentials are not specified in the config, when the radio tries to associate using
that config, you will be prompted to enter the credentials.
Note: PEAP and EAP-TLS require the use of Windows facilities for the configuration
of digital certificates.