Cisco AIR-CB21AG-W-K9 Installation And Configuration Manual page 62

802.11a/b/g wireless lan client adapters windows vista

Hide thumbs Also See for AIR-CB21AG-W-K9:

Datasheet (8 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

Table of Contents

Configuring EAP-FAST

Table 3-1

Connection Settings

Validate server certificate

Connect to only these servers

Trusted Root CA

Do not prompt user to authorize

new servers or trusted

certificate authorities.

Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide for Windows Vista

3-8

Connection Settings (continued)

Description

Check this box to use an authenticated server certificate to establish

a tunnel. You can check both the Use Protected Access Credentials

(PAC) box and the Validate Server Certificate box at the same time.

If both are checked, you can select one or more Trusted Root CA

certificates from the list of trusted Certificate Authority certificates

that are installed on the host system.

The EAP-FAST module always tries to use the PAC first if both check

boxes are checked. The module uses the server certifcate if the PAC

is missing or rejected by the server.

If both check boxes are unchecked, EAP-FAST functions as PEAP

does without validating server certificate. We do not recommend

leaving both boxes unchecked because the module bypasses

fundamental trust validation.

Default: Off

Check this box to enter an optional server name that must match the

server certificate that is presented by the server. You can enter

multiple server names; separate multiple server names with

semicolons. The EAP-FAST module only allows connections to

continue without prompting if the subject field (CN) in the server

certificate matches the server names that you enter in this field.

Default: Off

You can use an asterisk (*) as a wildcard character in server

Note

names only if the asterisk appears before the first period (.) in

the name.domain.com format. For example, "*.cisco.com"

matches any server name that ends with ".cisco.com." If you

put an asterisk anywhere else in the server name, it is not

treated as a wildcard character.

Select one of more Trusted Root CA certificates from the list of

certificates that are installed on the system. Only trusted CA

certificates that are installed on the host system are displayed in the

drop-down list.

To view details about the selected Trusted Root CA certificate,

double-click the certificate name. Double-clicking the certificate

name opens the Windows certificate property screen, where

certificate details are available.

Default: None

Check this box if you do not want the user to be prompted to authorize

a connection when the server name does not match or the server

certificate is not signed by one of the Trusted Root CA certiticates

that was selected. If this box is checked, the authentication fails.

Default: Off

Chapter 3

Configuring EAP Types

OL-16534-01

Table of Contents

Troubleshooting

This manual is also suitable for:

Aironet cb21ag Aironet pi21ag

Cisco AIR-CB21AG-W-K9 Installation And Configuration Manual page 62

Troubleshooting

Related Manuals for Cisco AIR-CB21AG-W-K9

Related Products for Cisco AIR-CB21AG-W-K9

This manual is also suitable for:

Table of Contents