Setting - CNET CWP-906 User Manual

4.3.2 802.1x Setting
802.1x is used for authentication of the "WPA" and "WPA2" certificate by the server.
Authentication type:
1. PEAP: Protect Extensible Authentication Protocol. PEAP transport securely authenticates data by using tunneling be-
tween PEAP clients and an authentication server. PEAP can authenticate wireless LAN clients using only server-side cer-
tificates, thus simplifying the implementation and administration of a secure wireless LAN.
2. TLS/Smart Card: Transport Layer Security. Provides for certificate-based and mutual authentication of the client and
the network. It relies on client-side and server side certificates to perform authentication and can be used to dynamically
generate user-based and session-based WEP keys to secure subsequent communications between the WLAN client and the
access point.
3. TTLS: Tunneled Transport Layer Security. This security method provides for certificate-based, mutual authentication
of the client and network through an encrypted channel. Unlike EAP-TLS, EAP-TTLS requires only server-side certifi-
cates.
4. EAP-FAST: Flexible Authentication via Secure Tunneling. It was developed by Cisco. Instead of using a certificate,
mutual authentication is achieved by means of a PAC (Protected Access Credential) which can be managed dynamically by
the authentication server. The PAC can be supplied (distributed one time) to the client either manually or automatically.
Manually, it is delivered to the client via disk or a secured network distribution method. Automatically, it is supplied as an
in-band, over the air, distribution. For tunnel authentication, only support "Generic Token Card" authentication.
5. LEAP: Light Extensible Authentication Protocol is an EAP authentication type used primarily by Cisco Aironet
WLANs. It encrypts data transmissions using dynamically generated WEP keys, and supports mutual authentication.
6. MD5-Challenge: Message Digest Challenge. Challenge is an EAP authentication type that provides base-level EAP
support. It provides for only one-way authentication - there is no mutual authentication of wireless client and the network.
Session Resumption: The user can choose "Disable" and "Enable".
Tunnel Authentication:
a. Protocol: Tunnel protocol, List information include "EAP-MSCHAP v2", "EAPTLS/Smart card",
"Generic Token Card", "CHAP", "MS-CHAP", "MS-CHAP-V2","PAP" and "EAP-MD5".
b. Tunnel Identity: Identity for tunnel.
c. Tunnel Password: Password for tunnel.
CNet Technology Inc.
www.CNet.com.tw