Справочник Пользователя для CNet Technology CUA854
25
Table 4-6 Authentication: 802.1x Setting: Ceritication
L
A B E L
D
E S C R I P T I O N
Authentication Type
PEAP: Protected Extensible Authentication Protocol. PEAP transports
authentication data by using tunneling between PEAP clients and an
authentication server. PEAP can authenticate wireless LAN clients using
only server-side certificates, thus simplifying the implementation and
administration of a secure wireless LAN.
TLS
authentication data by using tunneling between PEAP clients and an
authentication server. PEAP can authenticate wireless LAN clients using
only server-side certificates, thus simplifying the implementation and
administration of a secure wireless LAN.
TLS
/
/
/
/
Smart Card: Transport Layer Security, provides with
certificate-based and mutual authentication of the client and the network.
It relies on client-side and server-side certificates to perform
authentication and can be used to dynamically generate user-based and
session-based WEP keys to secure subsequent communications
between the WLAN client and the access point.
TTLS: Tunneled Transport Layer Security, this security method provides
for certificate-based, mutual authentication of the client and network
through an encrypted channel. Unlike EAP-TLS, EAP-TTLS requires
only server-side certificates.
MD5-Challenge: Message Digest Challenge, is an EAP authentication
type that provides base-level EAP support. It only supports one-way
authentication i.e. there is no mutual authentication of wireless client and
the network. It’s only valid for profile’s authentication type to be none or
shared.
It relies on client-side and server-side certificates to perform
authentication and can be used to dynamically generate user-based and
session-based WEP keys to secure subsequent communications
between the WLAN client and the access point.
TTLS: Tunneled Transport Layer Security, this security method provides
for certificate-based, mutual authentication of the client and network
through an encrypted channel. Unlike EAP-TLS, EAP-TTLS requires
only server-side certificates.
MD5-Challenge: Message Digest Challenge, is an EAP authentication
type that provides base-level EAP support. It only supports one-way
authentication i.e. there is no mutual authentication of wireless client and
the network. It’s only valid for profile’s authentication type to be none or
shared.
Session Resumption
User can choose Disabled, Reauthenticate, Roaming, SameSsid or
Always.
Always.
Identity
Enter the Identity for server
Password
Enter the Password for server
Use Client Certificate
Enable the client certificate for server authentication.
Tunnel Authentication
Protocol
Tunnel protocol, List information includes EAP-MSCHAP,
EAP-MSCHAP v2, CAHAP and MD5.
EAP-MSCHAP v2, CAHAP and MD5.
Identity
Enter Identity for tunnel
Password
Enter Password for tunnel
If you want to use CA server, please click CA Server page. Depending on the EAP in use, only
the server or both the server and client may be authenticated and require a certificate. Server
certificates identify a server, usually an authentication or RADIUS server to clients. Most EAPs
require a certificate issued by a root authority or a trusted commercial CA.