Specifications
OmniAccess Reference: AOS-W System Reference
250 Part 031652-00 May 2005
z The encryption type is WEP
z Open authentication should be used (this refers to 802.11 “basic” authenti-
cation, not to 802.1x)
z Each client will use a dynamically-generated WEP key that will be automati-
cally derived during the 802.1x process.
z The network is not ad-hoc – APs are required to be used.
Sets up 802.1x authentication parameters for the ESSID.
z Enables 802.1x
z Specifies that the client will initiate the 802.1x exchange (default)
z Establishes default timing parameters for 802.1x
z Specifies the EAP type as PEAP
z Clients will not attempt to authenticate as a guest
z Clients will perform computer authentication when a user is not logged in.
z After a user logs in, clients will re-authenticate to the wireless network
Sets up client PEAP properties
z Server certificate will be validated. This option instructs the client to check
the validity of the server certificate from an expiration, identity, and trust
perspective.
z The District-CA certificate authority is the only trusted CA that can issue
server certificates for the wireless network.
z The PEAP “inner authentication” mechanism will be a password through
MS-CHAP v2.
z Fast reconnect has not been enabled on the client. This option can speed
up authentication in some cases.
Sets up the behavior of MS-CHAP v2 within PEAP.
z The user’s Windows logon information will be used for authentication to
the wireless network. This option enables single sign-on, allowing the
same logon to be used for access to the Windows domain as well as the
wireless network.