User's Manual
Table Of Contents
- Introduction
- Installation
- Wireless Topologies
- ORiNOCO Client Utility
- Troubleshooting
- Specifications
- Technical Services and Support
- Glossary
- Safety and Regulatory Information
ORiNOCO Client Utility ORiNOCO
®
802.11a/b/g/n USB Adapter User Guide
37
Figure 4-19 Using the EAP-FAST security for WPA/WPA2 or 802.1x Security Option
Enabling EAP- FAST security:
To use EAP-FAST security, the machine must support EAP-FAST. Check with the IT manager.
1. Choose an EAP-FAST Authentication Method from the EAP-FAST Authentication Method group box and click
Configure.
• If you chose GTC Token/Password from the EAP-FAST Authentication Method drop-down list and click
Configure. The Configure PEAP (EAP-GTC) Configuration window appears. To know more about this option
refer Using PEAP (EAP-GTC) Security.
• If you chose MSCHAPv2 Username and Password from the EAP-FAST Authentication Method drop-down list
and click Configure. The Configure MSCHAPv2 Username and Password window appears. To know more
about this option, refer Using PEAP-MSCHAP V2 Security
• If you chose TLS Client Certificate from the EAP-FAST Authentication Method drop-down list and click
Configure. The Define Certificate window appears. When configuring EAP-TLS for EAP-FAST, you can check the
Authenticate Server Identity check box to force the system to authenticate the identity of the server as an added
level of security. This option is available only when configuring EAP-FAST. To know more about this option refer
Using EAP-TLS Security.
2. If you want to force the client adapter to disassociate after you log off so that another user cannot gain access to the
wireless network using your credentials, check the No Network Connection Unless User is Logged In check box.
The default setting is checked.
3. Perform one of the following if you want to enable or disable the Protected Access Credentials (PAC) in the
Protected Access Credentials (PAC) group box:
• If you want to enable automatic PAC provisioning, then make sure the Allow Automatic PAC Provisioning check
box for this profile is checked. A PAC file is obtained automatically as needed (for instance, when a PAC expires,
when the client adapter accesses a different server, when the EAP-FAST username cannot be matched to a
previously provisioned PAC, etc.). This is the default setting.
• If you want to enable manual PAC provisioning, clear the Allow Automatic PAC Provisioning check box for this
profile. This option requires you to choose a PAC authority or manually import a PAC file.
• To automatically use PACs belonging to the same PAC authority group, check the Use Any PAC Belonging to
the Same Group check box.