Filter
Top Products
Chapter 6 WiMAX
WiMAX Device Configuration User’s Guide
76
This screen contains the following fields:
Table 14 Authentication Settings
LABEL DESCRIPTION
Authentication
Mode
Select the authentication mode from the list.
The WiMAX Device supports the following authentication modes:
• No authentication
• User authentication
• Device authentication
• User and device authentication
Data Encryption
AES-CCM Select this to enable AES-CCM encryption. CCM combines counter-mode
encryption with CBC-MAC authentication.
AES-CBC Select this to enable AES-CBC encryption. CBC creates message authentication
code from a block cipher.
Key Encryption
AES-key wrap Select this encapsulate cryptographic keys in a symmetric encryption algorithm.
AES-ECB Select this to divide cryptographic keys into blocks and encrypt them separately.
EAP Supplicant
EAP Mode Select an Extensible Authentication Protocol (EAP) mode.
The WiMAX Device supports the following:
• EAP-TLS - In this protocol, digital certifications are needed by both the
server and the wireless clients for mutual authentication. The server presents
a certificate to the client. After validating the identity of the server, the client
sends a different certificate to the server. The exchange of certificates is done
in the open before a secured tunnel is created. This makes user identity
vulnerable to passive attacks. A digital certificate is an electronic ID card that
authenticates the sender’s identity. However, to implement EAP-TLS, you
need a Certificate Authority (CA) to handle certificates, which imposes a
management overhead.
• EAP-TTLS - This protocol is an extension of the EAP-TLS authentication that
uses certificates for only the server-side authentications to establish a secure
connection. Client authentication is then done by sending username and
password through the secure connection, thus client identity is protected. For
client authentication, EAP-TTLS supports EAP methods and legacy
authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2.
Anonymous
ID
Enter the anonymous ID used for EAP supplicant authentication.
Server Root
CA Cert File
Browse for and choose a server root certificate file, if required.
Server Root
CA Info
This field displays information about the assigned server root certificate.
Device Cert
File
Browse for and choose a device certificate file, if required.
Before you import certificate from WebGUI, the certificate file must be signed by
chipset vendor due to security reason.
Device Cert
Info
This field displays information about the assigned device certificate.
Device Private
Key
Browse for and choose a device private key, if required.
Device Private
Key Info
This field displays information about the assigned device private key.
Device Private
Key Password
Enter the device private key, if required.