beautypg.com

C.1.2.2 scu eap types, C.1.2.3 eap credentials, Eap cre – PYLE Audio IKON RUGGED 7505-BTSDCMHC25 User Manual

Page 307

background image

Appendix C: SCU For 802.11b/g Radio

Profile Tab

Ikôn Rugged PDA (Windows CE 5.0) User Manual

C-7

PEAP: Provides secure user authentication by using a TLS tunnel to encrypt EAP traf-

fic. Two different inner methods are used with PEAP:
- EAP-MSCHAPV2, resulting in PEAP-MSCHAP: This is appropriate for use against

Windows Active Directory and domains.

- EAP-GTC, resulting in PEAP-GTC: This is for authentication with one-time pass-

words (OTPs) against OTP databases such as SecureID.

LEAP: Is an authentication method for use with Cisco WLAN access points. LEAP

does not require the use of server or client certificates. LEAP supports Windows Active

Directory and domains but requires the use of strong passwords to avoid vulnerability to

offline dictionary attacks.

EAP-FAST: Is a successor to LEAP and does not require strong passwords to protect

against offline dictionary attacks. Like LEAP, EAP-FAST does not require the use of

server or client certificates and supports Windows Active Directory and domains.

C.1.2.2 SCU EAP Types

The following EAP types are supported by the integrated supplicant and can be configured
in SCU: PEAP-MSCHAP, PEAP-GTC, LEAP and EAP-FAST. With each of these four
types, if authentication credentials are not stored in the profile, you will be prompted to enter
credentials the first time the radio attempts to associate to an access point that supports
802.1X (EAP).
Consider the following when configuring one of the EAP types:

PEAP-GTC: SCU supports static (login) passwords only.

LEAP: Strong passwords are recommended.

EAP-FAST: SCU supports automatic, not manual, PAC provisioning.

EAP-TLS will work with an 802.11b/g radio module when Windows Zero Config (WZC)
rather than the SCU is used to configure the type. With WZC, the native Windows supplicant
instead of the SCU integrated supplicant is used.

C.1.2.3 EAP Credentials

Keep the following in mind when defining security settings:

If the credentials specified in the profile are incorrect and that profile is used, the

authentication fails without an error message; you will not be prompted to enter

correct credentials.

Note: PEAP and EAP-TLS require the use of Windows facilities for the configuration of

digital certificates.

See also other documents in the category PYLE Audio Tablet: