Table of Contents
Advertisement
Appendix B: Security Settings on Wireless Clients/RADIUS Server
WPA/WPA2 Enterprise (RADIUS) Client Using EAP-TLS Certificate
Logging On To The Wireless Network With A WPA/WPA2 Enterprise (RADIUS)
PEAP Client
"WPA/WPA2 Enterprise (RADIUS)" PEAP clients should now be able to associate with the
access point. Client users will be prompted for a user name and password to authenticate
with the network.
B.7.2
WPA/WPA2 Enterprise (RADIUS) Client Using EAP-TLS Certificate
Extensible Authentication Protocol (EAP) Transport Layer Security (TLS), or EAP-TLS, is
an authentication protocol that supports the use of smart cards and certificates. You have the
option of using EAP-TLS with both WPA/WPA2 Enterprise (RADIUS) and IEEE 802.1x
modes if you have an external RADIUS server on the network to support it.
Note: If you want to use IEEE 802.1x mode with EAP-TLS certificates for authentication
and authorization of clients, you must have an external RADIUS server and a Public
Key Authority Infrastructure (PKI), including a Certificate Authority (CA), server
configured on your network. It is beyond the scope of this document to describe these
configuration of the RADIUS server, PKI, and CA server. Consult the documentation
for those products.
Some good starting points available on the Web for the Microsoft Windows PKI soft-
ware are:
"How to Install/Uninstall a Public Key Certificate Authority for Windows 2000" at
http://support.microsoft.com/default.aspx?scid=kb;en-us;231881
How to "Configure a Certificate Server" at
http://support.microsoft.com/default.aspx?scid=kb;en-us;318710#3
To use this type of security, you must do the following:
1. Add the 9160 G2 Wireless Gateway to the list of RADIUS server clients. (See "Con-
2. Configure the 9160 G2 Wireless Gateway to use your RADIUS server (by providing
3. Configure wireless clients to use WPA security and "Smart Card or other Certifi-
4. Obtain a certificate for this client as described in "Obtaining A TLS-EAP Certificate
B-26
Psion Teklogix 9160 G2 Wireless Gateway User Manual
figuring An External RADIUS Server To Recognize The 9160 G2" on page B-31.)
the RADIUS server IP address as part of the "WPA/WPA2 Enterprise [RADIUS]"
security mode settings).
cate" as described in this section.
For A Client" on page B-35.
, and
.
Advertisement
Table of Contents
