Gateway 7001 Series Network Card User Manual


 
129
www.gateway.com
Configuring IEEE 802.1x security on a client
IEEE 802.1x is the standard defining port-based authentication and infrastructure for doing
key management. Extensible Authentication Protocol (EAP) messages are sent over an IEEE
802.11 wireless network using a protocol called EAP Encapsulation Over LANs (EAPOL).
IEEE 802.1x provides dynamically-generated keys that are periodically refreshed. An RC4
stream cipher is used to encrypt the frame body and cyclic redundancy checking (CRC)
of each 802.11 frame.
IEEE 802.1x client using EAP/PEAP
The Built-In Authentication Server on the Gateway 7001 AP uses Protected Extensible
Authentication Protocol (EAP) referred to here as “EAP/PEAP”.
If you are using the Built-in Authentication server with “IEEE 802.1x” security mode
on the Gateway 7001 AP, then you will need to set up wireless clients to use PEAP.
Additionally, you may have an external RADIUS server that uses EAP/PEAP. If so, you
will need to (1) add the Gateway 7001 AP to the list of RADIUS server clients, and (2)
configure your IEEE 802.1x wireless clients to use PEAP.
If you configured the Gateway 7001 AP to use IEEE 802.1x security mode, as shown in
the following illustration, you need to configure IEEE 802.1x security with PEAP
authentication on each client.
Important The following example assumes you are using the Built-in
Authentication server that comes with the Gateway® 7001 AP. If you
are setting up EAP/PEAP on a client of an AP that is using an external
RADIUS server, the client configuration process will differ somewhat
from this example especially with regard to certificate validation.