SMC Networks SMCWUSBS-N User Manual

Configuration

3-8

• Tunnel Authentication – Selects the tunnel authentication protocol. This

pull-down menu is only available when the authentication type is PEAP or TTLS.
When EAP-FAST is used, the protocol setting is always Generic Token Card and
cannot be changed.
- EAP-MSCHAP v2 – This authentication uses a dynamic session-based WEP

key derived from the client adapter and RADIUS server to encrypt data.

- EAP-TLS / SmartCard – This authentication type uses a dynamic

session-based WEP key derived from the client adapter and RADIUS server to
encrypt data. It uses a client certificate for authentication.

- Generic Token Card – This authentication uses a dynamic session-based WEP

key derived from the client adapter and RADIUS server to encrypt data.

- CHAP – This authentication uses an MD5 one-way encryption scheme to hash

the response to a challenge issued by the authenticator. It requires passwords
to be stored in a reversibly encrypted form.

- MS-CHAP – This authentication is similar to CHAP, the main difference is that

with MS-CHAP the password only needs to be stored as a MD4 hash instead of
a reversibly encrypted form.

- MS-CHAP-V2 – MS-CHAP v2 is similar to MS-CHAP with the difference that the

server also authenticates itself with the client.

- PAP – PAP provides a simple method for a remote node to establish its identity

using a two-way handshake. A username and password pair is repeatedly sent
by the remote node across the link until authentication is acknowledged.

• ID / Password – Configures the identity an password for authentication.

- Authentication ID / Password – Identity, password and domain name of the

server. Only "EAP-FAST" and "LEAP" authentication require a domain name.

- Tunnel ID / Password – Identity and Password of the authentication server.

• Client Certification – Enable client certification.

- Use Client Certification – If PEAP or TTLS is selected as the authentication

method, you can use a certificate stored in the local computer. If TLS/Smart
Card is used, this box is always checked.

• Server Certification – Enable server certification.

- User Cerificate Chain – Enable the use of certificate chain and select a

certification authority (CA) server.

- Allow Intermediate certificates – Enable the use of intermediate certificates.
- Sever Name – Input the server name of CA server here.
- Server Name must match exactly – Enable the wireless configuration utility to

check that the CA server name setting matches with the connected CA server.
If not, the connection is dropped.

- Domain Name must end in specified name – Enable the wireless

configuration utility to check the end of domain name. If defects are found, the
connection is dropped.

Click OK to confirm the configuration or click Cancel to cancel the settings.