User certificate selection, User certificate installation, User certificate selection -9 – Symbol Technologies VC5090 User Manual

Page 85: User certificate installation -9

Advertising
background image

Wireless Applications

4 - 9

User Certificate Selection

If you checked the

User Certificate

check box on the

Tunneled Authentication

dialog box or if

TLS

is the selected

authentication type, the

Installed User Certificates

dialog box displays. Select a certificate from the drop-down

list of currently installed certificates before proceeding. The selected certificate’s name appears in the

drop-down list. If the required certificate is not in the list, install it.

Figure 4-8

Installed User Certificates Dialog Box

User Certificate Installation

To install a user certificate (EAP TLS only) and a server certificate for EAP TLS and PEAP authentication:

1.

Tap

Install Certificate

. The

Credentials

dialog box appears.

MS CHAP v2

MS CHAP v2 is a password based, challenge response, mutual authentication

protocol that uses the industry standard Message Digest 4 (MD4) and Data

Encryption Standard (DES) algorithms to encrypt responses. The authenticating

server challenges the access client and the access client challenges the

authenticating server. If either challenge is not correctly answered, the connection is

rejected. MS CHAP v2 was originally designed by Microsoft as a PPP authentication

protocol to provide better protection for dial-up and virtual private network (VPN)

connections. With Windows XP SP1, Windows XP SP2, Windows Server 2003, and

Windows 2000 SP4, MS CHAP v2 is also an EAP type.

PAP

Password Authentication Protocol (PAP) has two variations: PAP and CHAP PAP. It

verifies a user name and password for PPP Internet connections, but it is not as

secure as CHAP, since it works only to establish the initial link. PAP is also more

vulnerable to attack because it sends authentication packets throughout the network.

Nevertheless, PAP is more commonly used than CHAP to log in to a remote host like

an Internet service provider.

MD5

Message Digest-5 (MD5) is an authentication algorithm developed by RSA. MD5

generates a 128-bit message digest using a 128-bit key, IPSec truncates the

message digest to 96 bits.

Table 4-8

TTLS Tunneled Authentication Options (Continued)

TTLS Tunneled

Authentication

Description

Advertising
Popular Brands
Popular manuals