PLANET VIP-191 User Manual

Page 118

Advertising
background image

client joins the WLAN. If not, the client remains blocked. Subsequent handshake then takes place

between the WLAN phone and the AP, to complete the process of authentication, establishing and

installing the TKIP encryption keys. As the WLAN phone begins WiFi communication, encryption

protects the data exchanged between the phone and the AP.

The following table illustrates the comparison among different EAP authentication types:

PEAP

EAP-TLS

EAP-TTLS

User Authentication

Database and Server

OTP, LDAP, NDS,

NT Domains, Active

Directory

LDAP, NT Domains,

Active Directory

OTP, LDAP, NDS,

NT Domains, Active

Director

Native Operating

System Support

1

Windows XP, 2000

Windows XP, 2000

Windows XP, 2000,

ME, 98, WinCE,

Pocket PC2000,

Mobile 2003

User Authentication

Method

Password or OTP

2 3

Digital Certificate

Password or OTP

4

Authentication

Transaction

Overhead

Moderate Substantial

Moderate

Management

Deployment

Complexity

Moderate.

Digital Certificate For

Server

Substantial.

Digital Certificate Per

Client and For

Server

Moderate.

Digital Certificate For

Server

Single Sign On

Yes

5

Yes Yes

Table 8. WPA encryption description

L

Note

1. Other operating systems can be supported with

supplicants.

2. OTP and Token are types of 2-Factor authentication.

3. Requires a server side certificate.

4. OTP and Token are types of 2-Factor authentication.

5.

Microsoft PEAP (EAP-MSCHAPv2) affords single sign on for

Windows. Other supplicants may afford other single sign

on login mechanisms.

To obtain an certificate containing your personal credentials to the WLAN phone, you can either

download it from your network carrier’s web site, or install it with any floppy disks that your network

carrier release to you together with the WLAN phone. To add the certificate on to the phone, please

refer to the

Appendix C

.

118

Advertising