User Manual Instruction Manual

the authentication phase. The server presents a certicate to the

client and, after validating the server’s certicate, the client presents

a client certicate to the server for validation.

Session Resumption: Click/check the box to activate or de-activate.

ID/Password: Enter the password as the identity for the server.

Client Certication: A client certicate is required for TLS, but is

optional for TTLS and PEAP. This forces a client certicate to be

selected from the appropriate Windows Certicate Store and made

available to the RADIUS server for certication.

Tunneled Authentication/Protocol: When the authentication type is

PEAP or TTLS, select a protocol for building the encrypted tunnel.

Tunnel Authentication: Select one of three options from the drop-

down menu: “EAP-MSCHAPv2,” “EAP-TLS/Smart card” or “Generic

Token Card.”

802.1x setting/Ca server

Use certicate chain: When the Extensible Authentication Protocol

(EAP) authentication type — such as TLS, TTLS or PEAP — is

selected and requires certication to tell the client what credentials to

accept from the authentication server in order to verify the server, you

need to enable this function. Choose the preferred server from the

drop-down menu to issue the certicate. If “Any Trusted CA” is

selected, any CA (certication authority) on the list (which is provided

by the Microsoft Certicate Store) is permitted.

Allow intermediate certicates: A server designates an issuer as a

trusted root authority by placing the issuer’s self-signed certicate,

CONFIGURATION