Motorola MT2090 用户手册
Operating the MT2070/MT2090 2 - 51
User Certificate Selection
If the user checked the User Certificate check box on the Tunneled Authentication dialog or if TLS is the selected
authentication type, the Installed User Certificates dialog displays. Select a certificate from the drop-down list of
currently installed certificates before proceeding. The selected certificate’s name appears in the drop-down list. If
the required certificate is not in the list, install it.
authentication type, the Installed User Certificates dialog displays. Select a certificate from the drop-down list of
currently installed certificates before proceeding. The selected certificate’s name appears in the drop-down list. If
the required certificate is not in the list, install it.
Figure 2-56
Installed User Certificates Dialog Box
MS CHAP v2
X
X
X
Microsoft Challenge Handshake Authentication Protocol version 2 (MS
CHAP v2) is a password-based, challenge-response, mutual
authentication protocol that uses the industry-standard Message Digest
4 (MD4) and Data Encryption Standard (DES) algorithms to encrypt
responses. The authenticating server challenges the access client and
the access client challenges the authenticating server. If either
challenge is not correctly answered, the connection is rejected. MS
CHAP v2 was originally designed by Microsoft as a PPP authentication
protocol to provide better protection for dial-up and virtual private
network (VPN) connections. With Windows XP SP1, Windows XP SP2,
Windows Server 2003 and Windows 2000 SP4, MS CHAP v2 is also an
EAP type.
CHAP v2) is a password-based, challenge-response, mutual
authentication protocol that uses the industry-standard Message Digest
4 (MD4) and Data Encryption Standard (DES) algorithms to encrypt
responses. The authenticating server challenges the access client and
the access client challenges the authenticating server. If either
challenge is not correctly answered, the connection is rejected. MS
CHAP v2 was originally designed by Microsoft as a PPP authentication
protocol to provide better protection for dial-up and virtual private
network (VPN) connections. With Windows XP SP1, Windows XP SP2,
Windows Server 2003 and Windows 2000 SP4, MS CHAP v2 is also an
EAP type.
PAP
X
Password Authentication Protocol (PAP) has two variations: PAP and
CHAP PAP. It verifies a user name and password for PPP Internet
connections, but it is not as secure as CHAP, since it works only to
establish the initial link. PAP is also more vulnerable to attack because
it sends authentication packets throughout the network. Nevertheless,
PAP is more commonly used than CHAP to log in to a remote host like
an Internet service provider.
CHAP PAP. It verifies a user name and password for PPP Internet
connections, but it is not as secure as CHAP, since it works only to
establish the initial link. PAP is also more vulnerable to attack because
it sends authentication packets throughout the network. Nevertheless,
PAP is more commonly used than CHAP to log in to a remote host like
an Internet service provider.
TLS
X
X
EAP TLS is used during phase 2 of the authentication process. This
method uses a user certificate to authenticate.
method uses a user certificate to authenticate.
Table 2-9
Tunneled Authentication Options (Continued)
Tunneled
Authentication
Authentication Type
Description
PEAP
TTLS
EAP-FAST