3 802.1x setting-certification – Topcom SKYR@CER USB 4001G User Manual

3.2.1.3 802.1x Setting-Certification

Parameter Description

Authentication Type

The EAP authentication protocols this adaptor has supported are

included as follows. This setting has to be consistent with the

wireless APs or Routers that the adaptor intends to connect.

PEAP &TTLS – PEAP and TTLS are similar and easier than TLS

in that they specify a stand-alone authentication protocol be used

within an encrypted tunnel. TTLS supports any protocol within its

tunnel, including CHAP, MS-CHAP, MS-CHAPv2, PAP and

EAP-MD5. PEAP specifies that an EAP-compliant authentication

protocol must be used; this adaptor supports EAP-MSCHAP v2,

EAP-TLS/Smart Card and Generic Token Card. The client

certificate is optional required for the authentication.

TLS/Smart Card –TLS is the most secure of the EAP protocols

but not easy to use. It requires that digital certificates be

exchanged in the authentication phase. The server presents a

certificate to the client. After validating the server’s certificate, the

client presents a client certificate to the server for validation.

MD5-Challenge – MD5-Challenge is the easiest EAP Type. It

requires the wireless station to enter a set of user name and

password as the identity to RADIUS Server.

Session Resumption

There are “Disabled”, “Reauthentication”, “Roaming”, “SameSsid”

and “Always” selections for you to choose whether to recovery the

session in different status.

Identity

Enter the name as the identity for the server.

Password

Enter the password as the identity for the server.

Use Client Certificate

A client certificate is required for TLS, and is optional for TTLS and

PEAP. This forces a client certificate to be selected from the

appropriate Windows Certificate Store and made available to the

RADIUS server for certification.

16