802.1x setting/CertiFiCation
The EAP authentication protocols supported by this
adapter require that settings be consistent with the wireless access
points or routers that the adapter is intended to connect.
These protocols are similar and easier to use than
TLS (below) in that they specify a stand-alone authentication protocol
to be used within an encrypted tunnel. TTLS supports any protocol
within its tunnel, including CHAP, MS-CHAP, MS-CHAPv2, PAP and
EAP-MD5. PEAP species that an EAP-compliant authentication
protocol be used; this adapter supports EAP-MSCHAP v2, EAP-TLS/
Smart Card and Generic Token Card. The client certicate is optional.
This is the most secure of the EAP protocols, but
isn’t easy to use: It requires that digital certicates be exchanged in
16
CONFIGURATION
RADIUS
Server
Windows 2000 IAS
(Internet Authentication
Service)
IEEE 802.1x
Access Client
Access Point
RADIUS
Client
1
2
3
4
(2) Login with username,
password.
(1) Client requests to login the
network.
(4) Approve or deny user
login to the LAN.
(3) Send username, password to
RADIUS server.
1
2
4
3
1 Client requests to log in to the network 3 Username and password sent to RADIUS server
2 Log in with username and password 4 User login to the LAN approved or denied
IEEE 802.1x Access Client RADIUS Client RADIUS Server