User guide

TTLS Settings  49

Chapter 5: Managing Profiles

To select an inner authentication protocol:

1. Select a profile and open the Profile Properties dialog.

2. Select the TTLS or the PEAP tab, based on the outer EAP authentication method

being used.

3. Next to Inner authentication protocol, click the pull-down menu to display the

list of inner authentication protocols.

4. Select a protocol from the list.

To set up a preferred order of multiple inner authentication protocols, select a

protocol from the list that you created and use the arrow buttons (located above the

Add button) to move it up or down in the list.

The most commonly used protocol, MS-CHAP-V2, authenticates you against user

databases.

PAP/Token Card is the protocol to use with token cards if you cannot use EAP-POTP

authentication. When you use PAP/Token Card, the password value that you enter

into the Password dialog is never cached, because any token-based password is

good for one use.

Select with your network administrator to determine which inner authentication

protocols to use on your network.

Table 4: Outer EAP Protocols and Supported Inner Protocols

Compatible Inner Authentication

Methods

EAP-TTLS for Outer

Authentication

EAP-PEAP for Outer

Authentication

PAP Yes No

CHAP Yes No

MS-CHAP (Note: not valid for

Windows platforms)

Yes No

MS-CHAP-V2 Yes Yes

PAP/Token Card Yes No

EAP Yes No

GenericTokenCard No Yes

POTP No Yes

TLS No Yes

JUAC Yes Yes

NOTE: When configuring an authentication profile for an Infranet Controller

connection, you must select JUAC as an inner EAP protocol.