User's Manual
authentication server. The client uses EAP-TLS to validate the server and create a TLS-
encrypted channel between client and server. The client can use another EAP mechanism (for
example, Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) Version 2) over this
encrypted channel to enable server validation. The challenge and response packets are sent
over a non-exposed TLS encrypted channel. The following example describes how to use WPA
with AES-CCMP or TKIP encryption with PEAP authentication.
To set up a client with PEAP Authentication:
Obtain and install a client certificate. Refer to Set up the Client for TLS authentication or
consult your administrator.
1. Click Profiles on the Intel PROSet/Wireless main window.
2. On the Profile page, click Add to open the Profile Wizard's General Settings.
3. Profile Name: Enter a descriptive profile name.
4. Wireless Network Name (SSID): Enter the network identifier.
5. Operating Mode: Click Network (Infrastructure).
6. Click Next to access the Security Settings.
7. Click Enterprise Security.
8. Network Authentication: Select WPA-Enterprise or WPA2-Enterprise.
9. Data Encryption: Select TKIP or AES-CCMP (Recommended).
10. Enable 802.1x: Selected.
11. Authentication Type: Select PEAP to be used with this connection.
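The settings chosen in steps 8 to 11 can be checked after deployment. The script below is an added example, not part of this manual or of Intel's software: it audits a profile exported in the Windows WLAN profile XML layout (for instance with netsh wlan export profile), which is an assumption because the manual does not describe a profile file, and the sample profile is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the Windows WLAN profile XML layout (assumption: the
# manual itself shows no profile file). SSID and the TKIP choice are made up.
SAMPLE_PROFILE = """
<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">
  <name>corp-wlan</name>
  <SSIDConfig><SSID><name>corp-wlan</name></SSID></SSIDConfig>
  <MSM><security>
    <authEncryption>
      <authentication>WPA2</authentication>
      <encryption>TKIP</encryption>
      <useOneX>true</useOneX>
    </authEncryption>
    <OneX xmlns="http://www.microsoft.com/networking/OneX/v1"><EAPConfig>
      <EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
        <EapMethod>
          <Type xmlns="http://www.microsoft.com/provisioning/EapCommon">25</Type>
        </EapMethod>
      </EapHostConfig>
    </EAPConfig></OneX>
  </security></MSM>
</WLANProfile>
"""

def first_text(root, name):
    """Text of the first element whose local (namespace-stripped) tag is name."""
    for el in root.iter():
        if el.tag.rsplit("}", 1)[-1] == name and el.text and el.text.strip():
            return el.text.strip()
    return None

def audit_profile(xml_text):
    """Return findings where the profile departs from steps 8-11 of the manual."""
    root = ET.fromstring(xml_text.strip())
    auth, enc = first_text(root, "authentication"), first_text(root, "encryption")
    findings = []
    if auth not in ("WPA", "WPA2"):            # step 8: WPA-/WPA2-Enterprise
        findings.append(f"authentication={auth}: expected WPA or WPA2 (Enterprise)")
    if enc == "TKIP":                          # step 9: AES-CCMP is recommended
        findings.append("encryption=TKIP: allowed, but AES-CCMP is recommended")
    elif enc != "AES":
        findings.append(f"encryption={enc}: expected AES (CCMP) or TKIP")
    if first_text(root, "useOneX") != "true":  # step 10: 802.1x enabled
        findings.append("useOneX is not true: 802.1x is disabled")
    if first_text(root, "Type") != "25":       # step 11: EAP method type 25 is PEAP
        findings.append("outer EAP type is not 25 (PEAP)")
    return findings

if __name__ == "__main__":
    for finding in audit_profile(SAMPLE_PROFILE):
        print(finding)
```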
Step 1 of 2: PEAP User
PEAP relies on Transport Layer Security (TLS) to allow unencrypted authentication types (for
example, EAP-Generic Token Card (GTC) and One-Time Password (OTP) support).
1. Authentication Protocol: Select either GTC, MS-CHAP-V2 (Default), or TLS. Refer to
Authentication Protocols.
2. User Credentials: Select one of the following:
   ■ Use Windows Logon: Allows the 802.1x credentials to match your Windows user
   name and password. Before connection, you are prompted for your Windows logon
   credentials.
   ■ Prompt each time I connect: Prompts for user name and password every time
   you log onto the network.
   ■ Use the following: The user name and password are securely (encrypted) saved in
   the profile.
      ■ User Name: This user name must match the user name that is set in the
      authentication server.
      ■ Domain: Name of the domain on the authentication server. The server name
      identifies a domain or one of its subdomains (for example, zeelans.com, where
      the server is blueberry.zeelans.com). NOTE: Contact your administrator to
      obtain the domain name.
      ■ Password: This password must match the password that is set in the
      authentication server. The entered password characters display as asterisks.
      ■ Confirm Password: Reenter the user password.
3. Roaming Identity: If the Roaming Identity is cleared, %domain%\%username% is
the default.
When 802.1x MS RADIUS is used as an authentication server, the
authentication server authenticates the device with the Roaming Identity