Symbol Technologies VC5090 Personal Computer User Manual


 
Wireless Applications 4 - 9
User Certificate Selection
If you checked the User Certificate check box on the Tunneled Authentication dialog box or if TLS is the selected
authentication type, the
Installed User Certificates dialog box displays. Select a certificate from the drop-down
list of currently installed certificates before proceeding. The selected certificate’s name appears in the
drop-down list. If the required certificate is not in the list, install it.
Figure 4-8
Installed User Certificates Dialog Box
User Certificate Installation
To install a user certificate (EAP TLS only) and a server certificate for EAP TLS and PEAP authentication:
1. Tap Install Certificate. The Credentials dialog box appears.
MS CHAP v2 MS CHAP v2 is a password based, challenge response, mutual authentication
protocol that uses the industry standard Message Digest 4 (MD4) and Data
Encryption Standard (DES) algorithms to encrypt responses. The authenticating
server challenges the access client and the access client challenges the
authenticating server. If either challenge is not correctly answered, the connection is
rejected. MS CHAP v2 was originally designed by Microsoft as a PPP authentication
protocol to provide better protection for dial-up and virtual private network (VPN)
connections. With Windows XP SP1, Windows XP SP2, Windows Server 2003, and
Windows 2000 SP4, MS CHAP v2 is also an EAP type.
PAP Password Authentication Protocol (PAP) has two variations: PAP and CHAP PAP. It
verifies a user name and password for PPP Internet connections, but it is not as
secure as CHAP, since it works only to establish the initial link. PAP is also more
vulnerable to attack because it sends authentication packets throughout the network.
Nevertheless, PAP is more commonly used than CHAP to log in to a remote host like
an Internet service provider.
MD5 Message Digest-5 (MD5) is an authentication algorithm developed by RSA. MD5
generates a 128-bit message digest using a 128-bit key, IPSec truncates the
message digest to 96 bits.
Table 4-8
TTLS Tunneled Authentication Options (Continued)
TTLS Tunneled
Authentication
Description