TTLS: Tunneled Transport Layer Security. This security method provides for certificate-based,
mutual authentication of the client and network through an encrypted channel. Unlike EAP-
TLS, EAP-TTLS requires only server-side certificates.
EAP-Fast: Flexible Authentication via Secure Tunneling. An authentication method
developed by Cisco. Instead of using a certificate, mutual authentication is achieved by
means of a PAC (Protected Access Credential) which can be managed dynamically by the
authentication server. The PAC can be provisioned (distributed one time) to the client either
manually or automatically. Manual provisioning is delivery to the client via disk or a secured
network distribution method. Automatic provisioning is an in-band, over the air, distribution.
For tunnel authentication, only "Generic Token Card" authentication is supported currently. –
MD5-Challenge: Message Digest Challenge. MD5 is an EAP authentication type that
provides base-level EAP support. It provides for only one-way authentication - there is no
mutual authentication of wireless client and the network.
Tunnel Authentication: Selects the tunnel authentication protocol. This pull-down menu is only
available when the authentication type is PEAP or TTLS. When EAP-FAST is used, the protocol
setting is always Generic Token Card and cannot be changed.
EAP-MSCHAP v2: This authentication uses a dynamic session-based WEP key derived from the
client adapter and RADIUS server to encrypt data.
EAP-TLS / SmartCard: This authentication type uses a dynamic session-based WEP key derived
from the client adapter and RADIUS server to encrypt data. It uses a client certificate for
authentication.
Generic Token Card: This authentication uses a dynamic session-based WEP key derived from the
client adapter and RADIUS server to encrypt data.
CHAP: This authentication uses an MD5 one-way encryption scheme to hash the response to a
challenge issued by the authenticator. It requires passwords to be stored in a reversibly encrypted
form.
MS-CHAP: This authentication is similar to CHAP; the main difference is that with MS-CHAP the
password only needs to be stored as a MD4 hash instead of a reversibly encrypted form.
16
To Next Page
Loading...
