Filter
Top Products
Wireless network environment
6.
6
•
Inner Authentication Protocol
: EAP-TTLS and PEAP allow
for standard RADIUS protocols within their inner tunnel.
User authentication is performed by a password. The
password credentials are transported in a securely encrypted
tunnel that is established using the server certificate. EAP-
TTLS supports EAP-MD5, CHAP, MS-CHAP, and MS-CHAPv2.
PEAP supports EAP-MD5 and MSCHAPv2 as inner
authentications.
•
Identity Name
: EAP-TTLS has a unique feature, TTLS
Identity, that other EAP authentication protocols do not offer.
It passes your user name through an encrypted tunnel
(generally called tunneled TLS) as your credentials. It uses
TTLS Identity as your credentials before the encrypted
tunnel is created.
•
User Name
: 802.1x EAP authentication methods, such as
EAP-MD5, EAP-MSCAHPv2, EAP-TTLS, and PEAP, require an
EAP user name as an account name. A user name is
necessary, if 802.1x authentication is enabled. This is not
saved as the default value.
•
User Password
: 802.1x EAP authentication methods, such
as EAP-MD5, EAP-MSCAHPv2, EAP-TTLS, and PEAP, require
an EAP user password as an account password. A user
password is necessary, if 802.1x authentication is enabled.
This is not saved as the default value.
•
Root certificate
: You can install a root certificate. To be
installed on the Samsung Wireless Network Printer Card, a
root certificate must be in the form of Base64 Encoded
X.509 with a .cer extension and be less than 3,072 bytes.
EAP-TLS, EAP-TTLS, and PEAP authentications need root
certificates.
1. Click
Configure
.
If the root certificate has been configured, detailed
information on the root certificate displays.
2. Select the root certificate file.
3. Upload the file and click
back
to return to the front page.
•
Client certificate
: You can install a client certificate. To be
installed on the Samsung Wireless Network Printer Card, a
client certificate must be in the form of PKCS #12 / Personal
Information Exchange with a .pfx extension and be less than
3,072 bytes. EAP-TLS authentication needs a client
certificate.
1. Click
Configure
.
If the client certificate has been configured, detailed
information on the client certificate displays.
2. Select the client certificate file.
3. Upload the file and click
back
to return to the front page.
NOTE
: You can make a certificate into a file using Windows
Console:
1. From the Windows Start menu, select
Run
.
2. Enter
mmc
in the Run dialogue box.
3. Select
File
Æ
Add/Remove Snap-in
.
4. Click
Add
, select
Certificate
, and then click
Add
.
5. In the Certificate Snap-in dialogue box, select
Computer
Account
and click
Next
Æ
Finish
Æ
Close
Æ
OK
.
6. Select the certificate you want to change to a file.
• When making a root certificate, select one of the
certificates in the trusted root certificate authority folder.
• When making a client certificate, select one of the
certificates in the personal folder.
7. Right-click the certificate and select
All task
Æ
Export
.
8. In the Certificate Export wizard, click
Next
.
9. Select
DER encoded X.509 Binary (.cer)
for a root
certificate, or
PKCS #12 (.PFX)
for a client certificate, and
click
Next
.
10. Enter a file name and click
Next
.
11. Click
Finish
to close the wizard.
•
Enable Server certificate Validation
: This option
determines whether or not the client authenticates the
server. If Server Certificate Validation is disabled, EAP-TTLS
and PEAP authentication do not require a root certificate.
In Enhanced Security mode, four authentications are provided
according to WPA authentication and 802.1x authentication. To
use each authentication in Enhanced Security mode, perform
the following steps:
Using WPA-PSK
1
Set Security Mode to
Enhanced Security
.
2
Set WPA Authentication to
WPA-PSK
.
3
Choose
TKIP
or
AES
for encryption. The same encryption
algorithm must be configured on the access point.
4
Enter the WPA Shared Key as the secret key. The same
WPA Shared Key must be configured on the access point.
Using EAP-TLS
1
Set Security Mode to
Enhanced Security
.
2
Set WPA Authentication to
IEEE802.1x
.
3
Set 802.1x Authentication to
EAP-TLS
.
4
Choose
TKIP
,
AES
,
64-bit WEP
, or
128-bit WEP
for
encryption. The same encryption algorithm must be
configured on the access point.