User's Manual

EAP-FAST, like EAP-TTLS and PEAP, uses tunneling to protect traffic. The
main difference is that EAP-FAST does not use certificates to
authenticate. Provisioning in EAP-FAST is negotiated solely by the client
as the first communication exchange when EAP-FAST is requested from
the server. If the client does not have a pre-shared secret Protected
Access Credential (PAC), it is able to initiate a provisioning EAP-FAST
exchange to dynamically obtain one from the server.

EAP-FAST documents two methods to deliver the PAC: manual delivery
through an out-of-band secure mechanism and automatic provisioning.
Manual delivery mechanisms are any delivery mechanism that the
administrator of the network feels is sufficiently secure for their
network.

Automatic provisioning establishes an encrypted tunnel to protect
the authentication of the client and the delivery of the PAC to the
client. This mechanism, while not as secure as a manual method
may be, is more secure than the authentication method used in
LEAP.

The EAP-FAST method is divided into two parts: provisioning and
authentication. The provisioning phase involves the initial delivery of
the PAC to the client. This phase only needs to be performed once per
client and user.
Mixed-Cell Mode
Some access points, for example Cisco 350 or Cisco 1200, support
environments in which not all client stations support WEP encryption;
this is called Mixed-Cell Mode. When these wireless networks operate in
"optional encryption" mode, client stations that join in WEP mode send
all messages encrypted, and stations that use standard mode send all
messages unencrypted. These access points broadcast that the network
does not use encryption, but allow clients that use WEP mode to join.
When Mixed-Cell is enabled in a profile, it allows you to connect to
access points that are configured for "optional encryption."
Radio Management