User Manual
Table Of Contents
- PremierWave EN User Guide
- 1: Using This Guide
- 2: Introduction
- 3: Using DeviceInstaller
- 4: Network Settings
- 5: Line and Tunnel Settings
- 6: Configurable Pin Manager
- 7: Services Settings
- 8: Security Settings
- 9: Maintenance and Diagnostics Settings
- 10: Advanced Settings
- 11: Tunneling
- 12: Security in Detail
- 13: Updating Firmware
- A: Technical Support
- B: Binary to Hexadecimal Conversions
- C: Compliance
- D: Warranty
- E: USB-CDC-ACM Device Driver File for Windows Hosts
- Index
4: Network Settings
PremierWave EN User Guide 29
WLAN Profile WPA & WPA2
Settings
Description
IEEE 802.1X
Selects the protocol to use to authenticate the WLAN client.
LEAP = Lightweight Extensible Authentication Protocol. A
derivative of the original Cisco LEAP, which was a predecessor
of 802.1X. Real Cisco LEAP uses a special MAC layer
authentication (called Network EAP) and cannot work with
WPA/WPA2. The PremierWave EN uses a more generic version
to be compatible with other major brand WiFi equipment. The
authentication backend is the same.
EAP-TLS = Extensible Authentication Protocol - Transport Layer
Security. Uses the latest incarnation of the Secure Sockets
Layer (SSL) standard and is the most secure because it
requires authentication certificates on both the network side and
the PremierWave EN side.
EAP-TTLS = Extensible Authentication Protocol - Tunneled
Transport Layer Security.
PEAP = Protected Extensible Authentication Protocol.
EAP-TTLS and PEAP have been developed to avoid the
requirement of certificates on the client side (PremierWave EN),
which makes deployment more cumbersome. Both make use of
EAP-TLS to authenticate the server (network) side and establish
an encrypted tunnel. This is called the outer-authentication.
Then a conventional authentication method (MD5, MSCHAP,
etc.) is used through the tunnel to authenticate the PremierWave
EN. This is called inner authentication.
EAP-TTLS and PEAP have been developed by different
consortia and vary in details, of which the most visible is the
supported list of inner authentications.
Note: When using EAP-TLS, EAP-TTLS or PEAP authority, at
least one authority certificate will have to be installed in the SSL
configuration that is able to verify the RADIUS server’s certificate.
In case of EAP-TLS, also a certificate and matching private key
need to be configured to authenticate the PremierWave EN to the
RADIUS server. For more information about SSL certificates see
Secure Sockets Layer (SSL) on page ??. XXX FIXME: need link
here
EAP-TTLS Option
Selects the inner authentication method to be used with EAP-TTLS
(if configured.)
EAP-MSCHAPv2
MSCHAPv2
MSCHAP
CHAP
PAP
EAP-MD5
PEAP Option
Selects the inner authentication method to be used with EAP-PEAP
(if configured.)
EAP-MSCHAPv2
EAP-MD5
Username
Userid for identifying the PremierWave EN to the RADIUS server in
the network
Password
Password for identifying the PremierWave EN to the RADIUS
server in the network.