beautypg.com

Psion Teklogix 9160 G2 User Manual

Page 311

background image

Psion Teklogix 9160 G2 Wireless Gateway User Manual

C-19

Appendix C: Security Settings On Wireless Clients And RADIUS Server Setup

Configuring WPA/WPA2 Enterprise (RADIUS) Security On A Client

Connecting To The Wireless Network With An IEEE 802.1x Client Using A
Certificate

IEEE 802.1x clients should now be able to connect to the access point using their
TLS certificates. The certificate you installed is used when you connect, so you will
not be prompted for logon information. The certificate is automatically sent to the
RADIUS server for authentication and authorization.

C.7 Configuring WPA/WPA2 Enterprise (RADIUS) Security On A

Client

Wi-Fi Protected Access 2 (WPA2) with Remote Authentication Dial-In User
Service
(RADIUS) is an implementation of the Wi-Fi Alliance IEEE 802.11h stan-
dard, which includes Advanced Encryption Standard (AES), Counter mode/CBC-
MAC Protocol
(CCMP), and Temporal Key Integrity Protocol (TKIP) mechanisms.
This mode requires the use of a RADIUS server to authenticate users.

This security mode also provides backwards-compatibility for wireless clients that
support only the original WPA.

When you configure WPA/WPA2 Enterprise (RADIUS) security mode on the
access point, you have a choice of whether to use the Built-in Authentication Server
or an external RADIUS server that you provide.

The 9160 G2 Wireless Gateway Built-in Authentication Server supports Protected
Extensible Authentication Protocol (EAP) known as “EAP/PEAP” and Microsoft
Challenge Handshake Authentication Protocol Version 2
(MSCHAP V2), which
provides authentication for point-to-point (PPP) connections between a Windows-
based computer and network devices such as access points.

So, if you configure the network (access point) to use security mode and choose the
Built-in Authentication server, you must configure client stations to use WPA/WPA2
Enterprise (RADIUS) and EAP/PEAP.

If you configure the network (access point) to use this security mode with an
external RADIUS server, you must configure the client stations to use WPA/WPA2
Enterprise (RADIUS) and whichever security protocol your RADIUS server is
configured to use.