Psion Teklogix 9160 G2 Wireless Gateway User Manual C-27
Appendix C: Security Settings On Wireless Clients And RADIUS Server Setup
WPA/WPA2 Enterprise (RADIUS) Client Using EAP-TLS Certificate
1. Configure the following settings on the Association tab on the Network
Properties dialog.
2. Configure these settings on the Authentication tab.
3. Click Properties to bring up the Smart Card or other Certificate Prop-
erties dialog and enable the Validate server certificate option.
Click OK on all dialogs to close and save your changes.
4. To complete the client configuration you must now obtain a certificate
from the RADIUS server and install it on this client. For information on
how to do this see “Obtaining A TLS-EAP Certificate For A Client” on
page C-34.
Logging On To The Wireless Network With A WPA Client Using A Certificate
WPA clients should now be able to connect to the access point using their TLS
certificates. The certificate you installed is used when you connect, so you will not
be prompted for logon information. The certificate is automatically sent to the
RADIUS server for authentication and authorization.
Network Authentication
WPA
Data Encryption
TKIP
or
AES
depending on how this option is configured on the access point.
Note: When the Cipher Suite on the access point is set to “Both”, then TKIP cli-
ents with a valid TKIP key and AES clients with a valid CCMP (AES) key
can
associate with the access point. For more information, see Online Help on
the access point.
Table C.13 Association Settings
Enable IEEE 802.1x authentication for this network
Enable
(click to check) this option.
EAP Type
Choose
Smart Card or other Certificate
.
Table C.14 Authentication Settings
Validate Server Certificate
Enable
this option (click to check the box).
Certificates In the certificate list shown, select the
certificate
for this client.
Table C.15 Smart Card Or Other Certificate Properties Settings