B.6
Configuring IEEE 802.1x Security On A Client
IEEE 802.1x is the standard defining port-based authentication and infrastructure for doing
key management. Extensible Authentication Protocol (EAP) messages are sent over an
IEEE 802.11 wireless network using a protocol called EAP Encapsulation Over LANs
(EAPOL). IEEE 802.1x provides dynamically-generated keys that are periodically re-
freshed. An RC4 stream cipher is used to encrypt the frame body and cyclic redundancy
checking (CRC) of each 802.11 frame.
B.6.1
IEEE 802.1x Client Using EAP/PEAP
The Built-In Authentication Server on the 9160 G2 Wireless Gateway uses Protected Exten-
sible Authentication Protocol (EAP) referred to here as "EAP/PEAP".
•
If you are using the Built-in Authentication server with "IEEE 802.1x" security mode
on the 9160 G2 Wireless Gateway, then you will need to set up wireless clients to use
PEAP.
•
Additionally, you may have an external RADIUS server that uses EAP/PEAP. If so, you
will need to:
1. Add the 9160 G2 Wireless Gateway to the list of RADIUS server clients.
AND
2. Configure your IEEE 802.1x wireless clients to use PEAP.
Note: The following example assumes that you are using the Built-in Authentication server
that comes with the 9160 G2 Wireless Gateway. If you are setting up EAP/PEAP on a
client of an AP that is using an external RADIUS server, the client configuration pro-
cess will differ somewhat from this example, especially with regard to certificate
validation.
If you configured the 9160 G2 Wireless Gateway to use IEEE 802.1x security mode. . .
Appendix B: Security Settings on Wireless Clients/RADIUS Server
Configuring IEEE 802.1x Security On A Client
Psion Teklogix 9160 G2 Wireless Gateway User Manual
B-15