Справочник Пользователя для Iconnect 572
January 13, 2009 / Version: 2.0
15
5. Specify the 802.1x information if you are using the 802.1X certification method.
Users that do not use this function or connecting to an open-wireless network please skip this
part.
A. EAP Method:
For Windows 2000 User:
There are total 5 modes: PEAP, TLS/Smart Card, TTLS, EAP-FAST, and
MD5-Challenge.
For Vista User:
There are total 4 modes: PEAP, TLS/Smart Card, EAP-FAST, and LEAP.
Please select an EAP method from the drop down list.
Items
Information
PEAP
Protect Extensible Authentication Protocol. PEAP transport securely authenticates
data by using tunneling between PEAP clients and an authentication server. PEAP can
authenticate wireless LAN clients using only server-side certificates, thus simplifying
the implementation and administration of a secure wireless LAN.
authenticate wireless LAN clients using only server-side certificates, thus simplifying
the implementation and administration of a secure wireless LAN.
TLS/Smart
Card
Transport Layer Security. Provides for certificate-based and mutual authentication of
the client and the network. It relies on client-side and server-side certificates to
perform authentication and can be used to dynamically generate user-based and
the client and the network. It relies on client-side and server-side certificates to
perform authentication and can be used to dynamically generate user-based and
session-based WEP keys to secure subsequent communications between the WLAN
client and the access point.
client and the access point.
TTLS
Tunneled Transport Layer Security. This security method provides for
certificate-based, mutual authentication of the client and network through an
encrypted channel. Unlike EAP-TLS, EAP-TTLS requires only server-side certificates.
certificate-based, mutual authentication of the client and network through an
encrypted channel. Unlike EAP-TLS, EAP-TTLS requires only server-side certificates.
EAP-FAST
Flexible Authentication via Secure Tunneling. It was developed by Cisco. Instead of
using a certificate, mutual authentication is achieved by means of a PAC (Protected
Access Credential) which can be managed dynamically by the authentication server.
using a certificate, mutual authentication is achieved by means of a PAC (Protected
Access Credential) which can be managed dynamically by the authentication server.
The PAC can be supplied (distributed one time) to the client either manually or
automatically. Manually, it is delivered to the client via disk or a secured network
automatically. Manually, it is delivered to the client via disk or a secured network
distribution method. Automatically, it is supplied as an in-band, over the air,
distribution. For tunnel authentication, only support "Generic Token Card"
distribution. For tunnel authentication, only support "Generic Token Card"
authentication.
MD5-
Challenge
Message Digest Challenge. Challenge is an EAP authentication type that provides
base-level EAP support. It provides for only one-way authentication - there is no
base-level EAP support. It provides for only one-way authentication - there is no
mutual authentication of wireless client and the network.
LEAP
Light Extensible Authentication Protocol is an EAP authentication type used primarily
by Cisco Aironet WLANs. It encrypts data transmissions using dynamically generated
by Cisco Aironet WLANs. It encrypts data transmissions using dynamically generated
WEP keys, and supports mutual authentication.
A
B
C