Overview Of The User Credentials Tab; Client Certificates; Usernames And Passwords - Cisco AIR-CB21AG-W-K9 Installation And Configuration Manual

802.11a/b/g wireless lan client adapters windows vista

Hide thumbs Also See for AIR-CB21AG-W-K9:

Datasheet (8 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

Table of Contents

Chapter 3

Configuring EAP Types

Overview of the User Credentials Tab

The EAP-FAST module supports the use of both a client certificate and a username and password as user

credentials for authentication and provisioning.

Client Certificates

If a client certificate is used, the EAP-FAST module automatically obtains the client certificate from the

Windows certificate store of the current user. The EAP-FAST module finds the user certificate that

matches the username of the user who is logged on. The certificate cannot be expired.

If multiple user certificates are available, the EAP-FAST module prompts the user to select one, and that

selection is saved to the profile. By default, the user certificate is sent securely through TLS

renegotiation or through the EAP-TLS inner method in the protected TLS tunnel. If the EAP-FAST

server does not start TLS renegotiation to request the client certificate after the tunnel is established, then

the EAP-FAST module sends the certificate through the EAP-TLS inner method.

The EAP-FAST module administrator can configure the EAP-FAST module XML schema to send the

user certificate without using these security measures.

Usernames and Passwords

If a username and password are used, the user provide one of the following types of username and

password:

•

Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide for Windows Vista

OL-16534-01

Windows username and password—The Windows username and password are used as network

access credentials. The user is not prompted to enter the username and password unless the password

is invalid or must be changed.

Prompted user credentials—The user is prompted during authentication for credentials. These

credentials are credentials that are separate from the Windows username and password, such as

Lightweight Directory Access Protocol (LDAP) credentials.

Saved user credentials—These are user credentials that are entered as part of the EAP-FAST

configuration. The user is not prompted for credentials during authentication unless the saved

credentials fail or have expired. New credentials that the user enters after successful authentication

are saved automatically in the configuration. The user does not have to return to the configuration

screen to change the old saved credentials.

One-time password (OTP)—The user must manually enter a OTP. New PIN mode and next token

mode for OTP are supported.

Configuring EAP-FAST

3-9

Table of Contents

Troubleshooting

This manual is also suitable for:

Aironet cb21ag Aironet pi21ag

Overview Of The User Credentials Tab; Client Certificates; Usernames And Passwords - Cisco AIR-CB21AG-W-K9 Installation And Configuration Manual

Overview of the User Credentials Tab

Client Certificates

Usernames and Passwords

Troubleshooting

Related Manuals for Cisco AIR-CB21AG-W-K9

Related Content for Cisco AIR-CB21AG-W-K9

This manual is also suitable for:

Table of Contents