Manualshelf

User guide

ManualsBrandsAtrust ManualsComputer equipmentM320
51525354555657585960
Odyssey Access Client User Guide
46 Setting Up Authentication
To select more than one protocol at a time, hold down Ctrl on the keyboard as you
select them with your mouse. Any protocols already selected are not listed in this
dialog.
To remove a protocol from the list:
1. Select the protocol.
2. Click Remove.
To reorder protocols:
1. Select a protocol.
2. Use the up or down arrow button on the Authentication tab to reposition the
protocol in the list.
Validating a Server Certificate—Mutual Authentication
Certain protocols, such as EAP-TTLS, EAP-PEAP, and EAP-TLS, allow you to verify
the identity of the authentication server as the server verifies your identity. This is
called mutual authentication.
Select Validate server certificate (set by default) to verify the identity of the
authentication server based on its certificate when authenticating with EAP-TTLS,
PEAP, and EAP-TLS.
In general, select Validate server certificate. You have the option of turning off this
important security precaution because there might be circumstances that require it.
For example, if you are unable to configure trust because you do not have an
intermediate root CA certificate installed on your machine, you might want to turn
off certificate validation.
Do this only if instructed by your network administrator.
Setting Tunneled Token Card Credential Options
There are two circumstances where EAP-GenericTokenCard can be the inner
protocol for tunneled authentication:
If you select EAP-FAST as an outer authentication method on the
Authentication
tab. EAP-GenericTokenCard is the inner authentication protocol
used with EAP-FAST.
If you select EAP-GenericTokenCard as the inner protocol for EAP-PEAP.
NOTE: If you select this option, you must have the same root CA or intermediate
CA for the server certificate chain installed in the trusted root or intermediate
certificate store of your machine.
To check this on Windows systems, select Internet Explorer under
Tools > Internet Options > Content > Certificates. Consult your network
administrator for help with this.