Us ing PEAP-GTC Sec ur ity
I mpor ta nt Note !
To use PE AP (E AP -G TC) securi ty, the se rv er m us t hav e WP A-PE AP
ce rtifica tes, a nd the Ce r ti fica te Authori ty (CA) serv er pr oper ties must alrea dy be se t
up. Please che ck w ith your I T a dm inistra tor.
To use PEAP security, access the Security tab in the Profile Management
window.
1. In the ACU, edit the security settings by clicking New or Modify on the
Profile Management tab.
2. Choose a profile to edit, or name the new profile in the Profile
Management window. Enter the SSID of the access point the client computer
connects to.
3. On the Security tab, choose the WPA radio button.
OR: On the Security tab, choose the 802.1x radio button.
4. Choose PEAP (EAP-GTC) or PEAP (EAP-MSCHAP V2) from the
drop-down menu.
z
PEAP (EAP-GTC) authentication is designed to support one-time Password (OTP), Windows
2000 domain, and L DAP user databases over a wireless LAN. It is based on EAP-TLS
authentication but uses a password instead of a client certificate for authentication. PEAP
(EAPGTC) uses a dynamic session-based WEP key derived from the USB device and RADIUS
server to encrypt data.
Networks that use an OTP user database require entering a hardware or software token
password to start the PEAP (EAP-GTC) authentication process and to gain access to the
network. Networks that use a Windows 2000 domain user database or an L DAP user database
(such as NDS) require entering a username, password, and domain name in order to start the
PEAP (EAP-GTC) authentication process.
z
The PEAP (EAP-MSCHAP V2) authentication type is based on EAPTLS authentication, but uses
password instead of a client certificate for authentication. PEAP (EAP-MSCHAP V2) uses a
dynamic session-based WEP key, which is derived from the USB device and RADIUS server, to
encrypt data.
To u se PEA P-GTC secu rit y In the A the ro s Client Utility , ac ce ss the
Se cu rity tab
in the
P rofile Management windo w.
1.
On the S ecu rity tab, choo se t he WPA radio b utton .
2.
O R: On t he Se curit y tab, choo se the 8 02.1x radio butto n.
3.
Choo se PEAP (EAP -GTC) f rom the dro p-d own menu.
4.
Cli c k the
Configu re
bu tton.
5.
Sele ct the app rop riate ne two rk ce rtificate autho rity f rom the dro p-d own li st.
6.
Spe cify a u ser name fo r inne r PEAP tunnel authen tication:
–
Chec k
Use Windows Use r Name
to u se the Windo ws u ser name a s the PEAP
u ser name.
–
O R: Ente r a PEAP u se r name in the User Name field to u se a sepa rat e u se r
name and start the PEAP authenti cation p ro ce ss.
19