Set up a client with TTLS network authentication, TTLS – Intel 3945ABG User Manual

two options below has been selected.

Server name must match the specified entry exactly: When selected, the server name must match exactly the server name found on the certificate. The server name should include the complete domain name (for example, Servername.Domain name).

Domain name must end with the specified entry: When selected, the server name identifies a domain, and the certificate must have a server name that belongs to this domain or to one of its subdomains (for example, zeelans.com, where the server is blueberry.zeelans.com).

NOTE: These parameters should be obtained from the administrator.

2. Click OK to save the setting and close the page.
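
The two server-name rules above, written out as an added example (not part of the Intel manual and not Intel PROSet/Wireless code). The function names and the whole-label comparison are assumptions of this example; the manual does not state how the utility compares names.

```python
"""Added example: the two certificate server-name checks from the text."""

def _normalize(name: str) -> str:
    # DNS names are case-insensitive; drop one trailing root dot if present.
    name = name.strip().lower()
    return name[:-1] if name.endswith(".") else name

def exact_match(cert_name: str, entry: str) -> bool:
    """'Server name must match the specified entry exactly.'"""
    want = _normalize(entry)
    return want != "" and _normalize(cert_name) == want

def domain_match(cert_name: str, entry: str) -> bool:
    """'Domain name must end with the specified entry.'

    Accepts the domain itself or any subdomain. Labels are compared whole,
    so a look-alike that merely ends in the same characters is rejected.
    """
    name = _normalize(cert_name).split(".")
    domain = _normalize(entry).split(".")
    if "" in name or "" in domain:      # empty input or empty label
        return False
    return len(name) >= len(domain) and name[-len(domain):] == domain

def check_samples():
    """Run both modes over constructed certificate names."""
    entry = "zeelans.com"               # domain from the manual's example
    samples = [                         # constructed test names
        "blueberry.zeelans.com",        # server from the manual's example
        "zeelans.com",
        "notzeelans.com",               # shares a character suffix only
        "zeelans.com.example.net",      # entry appears, but not at the end
    ]
    return [(s, exact_match(s, entry), domain_match(s, entry)) for s in samples]

if __name__ == "__main__":
    for name, exact, domain in check_samples():
        print(f"{name:26} exact={exact!s:5} domain={domain}")
```

A plain string suffix test would accept notzeelans.com, which is why the domain rule is checked label by label here.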

Set up a Client with TTLS Network Authentication

TTLS authentication: These settings define the protocol and credentials used to authenticate a user. The client uses EAP-TLS to validate the server and create a TLS-encrypted channel between the client and server. The client can use another authentication protocol, typically a password-based protocol (for example, MD5 Challenge), over this encrypted channel to enable server validation. The challenge and response packets are sent over a non-exposed TLS encrypted channel. The following example describes how to use WPA with AES-CCMP encryption with TTLS authentication.

To set up a client with TTLS Network Authentication:

1. Click Profiles on the Intel PROSet/Wireless main window.

2. On the Profile page, click Add to open the Profile Wizard's General Settings.

3. Profile Name: Enter a descriptive profile name.

4. Wireless Network Name (SSID): Enter the network identifier.

5. Operating Mode: Click Network (Infrastructure).

6. Click Next to access the Security Settings.

7. Click Enterprise Security.

8. Network Authentication: Select WPA-Enterprise or WPA2-Enterprise.

9. Data Encryption: Select one of the following:

TKIP provides per-packet key mixing, a message integrity check and a rekeying mechanism.

AES-CCMP (Advanced Encryption Standard - Counter CBC-MAC Protocol) is used as the data encryption method whenever strong data protection is important. AES-CCMP is recommended.

10. Enable 802.1x: Selected.

11. Authentication Type: Select TTLS to be used with this connection.

Step 1 of 2: TTLS User

1. Authentication Protocol: This parameter specifies the authentication protocol operating over the TTLS tunnel. The protocols are: PAP (Default), CHAP, MD5, MS-CHAP and MS-CHAP-V2. See Security Overview for more information.

For PAP, CHAP, MD5, MS-CHAP, and MS-CHAP-V2 protocols, select one of these authentication methods:

Use the Windows logon: Select to retrieve the user's credentials from the user's Windows logon process.
