Proceed to Step 4.
❍ Use the certificate issued to this computer: Proceed to Step 5.
❍ Use my smart card: Select if the certificate resides on a smart card. Proceed to Step 5.
4. User Name: Enter the user name assigned to the user certificate.
5. Click Next.
Step 2 of 3: EAP-FAST Additional Information
If you selected Use a certificate (TLS Authentication) and Use a user certificate on this computer, click
Next (no roaming identity is required) and proceed to
Step 3 to configure EAP-FAST Server certificate settings.
If you do not need to configure EAP-FAST server settings, click OK to save your settings and return to the
Profiles page.
If you selected to use a smart card, add the roaming identity, if required. Click OK to save your settings and
return to the Profiles page.
If you did not select Use a certificate (TLS Authentication), click Next to select an Authentication Protocol.
CCXv4 permits additional credentials or TLS cipher suites to establish the tunnel.
Authentication Protocol: Select either
GTC, or MS-CHAP-V2 (Default).
Generic Token Card (GTC)
GTC may be used with Server-Authenticated Mode . This enable peers using other user databases as
Lightweight Directory Access Protocol (LDAP) and one-time password (OTP) technology to be provisioned in-
band. However, the replacement may only be achieved when used with the TLS cipher suites that ensure
server authentication.
To configure a one-time password:
1. Authentication Protocol: Select GTC (Generic Token Card).
2. User Credentials: Select Prompt each time I connect.
3. On connection prompt for: Select one of the following:
Name Description
Static Password
On connection, enter the user credentials.
One-time password (OTP)
Obtain the password from a hardware token device.
PIN (Soft Token)
Obtain the password from a soft token program.
1. Click OK.
2. Select the profile on the Wireless Networks list.
3. Click Connect. When prompted, enter the user name, domain and one-time password (OTP).
4. Click OK.
MS-CHAP-V2
This parameter specifies the authentication protocol operating over the PEAP tunnel.
1. Select the user credentials:
Use Windows logon, Prompt each time I connect, or Use the following.
2. Roaming Identity: A Roaming Identity may be populated in this field or you can use %domain%\%
username% as the default format for entering a roaming identity.
When 802.1x Microsoft IAS RADIUS is used as an authentication server, the server authenticates
the device using the Roaming Identity from Intel PROSet/Wireless software, and ignores the
Authentication Protocol MS-CHAP-V2 user name. Microsoft IAS RADIUS accepts only a valid
user name (dotNet user) for the Roaming Identity. For all other authentication servers, the
Roaming Identity is optional. Therefore, it is recommended to use the desired realm (for example,
To Next Page
Loading...
Need help?
General
