Specifications

ManualsBrandsAlcatel ManualsComputer equipmentOmniAccess AP61

251

252

253

254

255

256

257

258

259

260

802.1x Configuration 233

Chapter 10

Configuration of the Funk Odyssey client can be performed either on the host

PC or on the Pocket PC device. All permanent configuration should be done

on the host PC, which will then push the configuration to the mobile device.

This document will describe configuration on the host PC.

Certificate Configuration

During the operation of 802.1x authentication, a digital certificate will be

passed from the authentication server to the client. This certificate will be

used by the client to authenticate the network infrastructure, so that

connections to untrusted networks are not made. To authenticate the

network, the client checks the certification path of the server certificate and

compares it with trusted root certification authorities for which the client has

been configured. Microsoft Windows and Pocket PC come with a number of

large public certification authorities pre-installed, including authorities such as

VeriSign, SecureSign, GTE, C&W, and others. An organization may also use a

self-signed server certificate, generated by a local certificate server.

The Funk Odyssey client will automatically push required certificates to the

mobile device. However, this assumes that the certificate information –

including trusted certification paths – is already available on the host PC. If a

server certificate’s certification path includes of these pre-installed certificate

authorities, no further action is required on the client. If a self-signed

certificate is used, the organization’s certificate authority server must be

configured on the client device so that it is trusted. For instructions on

installing a certification authority (CA) certificate on the host PC, please

consult the Alcatel AOS-W User’s Guide and look for the section entitled

“Obtaining a Certification Authority (CA) Certificate.”

Odyssey Client Configuration

To configure the Odyssey client, navigate on the host PC to Start > Programs >

Funk Software > Odyssey Client for Pocket PC

and select the Configuration

Manager. The Configuration Manager appears.

Trusted Servers Configuration

The first configuration step is to specify which 802.1x authentication servers

should be trusted. Click Trusted Servers.

The server trust configuration may be done in two different ways. One

method instructs the client to trust any server that provides a certificate

ultimately signed by a specified certification authority (CA). This option is not

recommended if the CA is a public CA, since the client would then trust any

certificate that was also signed by that same CA. To configure this method,

click

Advanced.