3-26 MonarchNet2 Operating Instructions
Authentication Protocol
Type RADIUS
Server
Protocol
User ID &
Password
Certificate Private Key
Info File
LEAP No N/A
PEAP* N/A
TLS Required*
TTLS
Optional*
N/A
Enterprise
EAP-
FAST
PAP or
MSCHAPv2
Required
PAC* N/A
Personal PSK N/A
*PEAP This is only for server-side certificates.
*Optional Leaving the Certificate Root Key and the Certificate CN (common) names blank, no
validation of the host certificate is performed. The values are set to “null” and all host
certificates are accepted.
*Required The Print Server comes with a default Private Key Information File. You can either
download that file from the print server and add it to the TLS authentication server, or
overwrite a new one on the print server.
*PAC EAP-FAST does not use certificates to authenticate, but a PAC (Protected Access
Credential), which is managed dynamically by the server. The PAC is distributed one at a
time to the client manually or automatically.
See the following table of acceptable combinations:
Encryption
Authentication WEP WPA, WPA (TKIP), WPA2
Open
Shared
Static No
PSK
LEAP
PEAP
EAP-FAST
TLS*
TTLS
Dynamic Yes
* Load the local key before enabling TLS.