User guide
A
RF45-PRO
User Guide
Ref. 11-06-V0-ffr
p 54
Note: WPA and WPA2/IEEE 802.11i are not available for Ad-hoc topology.
EAP methods supported
Here are the EAP methods that are supported by the ARF45-PRO:
LEAP = Lightweight Extensible Authentication Protocol.
EAP-TLS = Extensible Authentication Protocol - Transport Layer Security:
requires authentication certificates on both the network side and the ARF45-
PRO side.
EAP-TTLS = Extensible Authentication Protocol - Tunneled Transport Layer
Security.
PEAP = Protected Extensible Authentication Protocol.
EAP-TTLS and PEAP have been developed to avoid the requirement of
certificates on the client side which makes deployment more cumbersome.
Both make use of EAP-TLS to authenticate the server (network) side and
establish an encrypted tunnel. This is called the outer-authentication.
Then a conventional authentication method (MD5, MSCHAP, etc.) is used
through the tunnel to authenticate the ARF45-PRO. This is called inner-
authentication.
Security mode deployment
This chapter describes how to deploy the WPA/WPA2 Enterprise security
mode using the PEAP and EAP-TLS authentication methods.
The deployment has been carried out using a Windows Server 2003
authentication server running Authentication services, a Certificate Authority
and a RADIUS server.
When using EAP-TLS, EAP-TTLS or PEAP authentication methods at least
one authority certificate will have to be installed on the ARF45-PRO that is