Manualshelf

User Manual

ManualsBrandsSummit Data Communications ManualsElectronics802.11a/g Compact Flash Module
11121314151617181920
window, where you can view and edit profile settings. If you make any changes, then you must tap the Commit
button to save them.
3.3.2 EAP Credentials
Figure 4 below is an example of a PEAP credentials window:
Figure 4: PEAP credentials window
The 802.1X authentication types PEAP and EAP-TLS rely upon information in digital certificates that are created
by a certificate authority, or CA. To enable a client device to validate (or authenticate) the server used for PEAP
or EAP-TLS authentication, you must provision a root CA certificate and distribute it to that client. You can store
the CA certificate in a device's Microsoft certificate store or in a directory with a path that you specify as the
value for Certs Path on the SCU Global window. If you don't specify a Certs Path value, then SCU uses for the
Certs Path value the path to the certs directory that is off the SCU folder. For EAP-TLS you also must generate a
user certificate for each client; that user certificate must be stored in the Microsoft certificate store on the client.
Instead of using digital certificates, EAP-FAST relies upon strong shared-secret keys that are unique to users.
These secrets are called protected access credentials (PACs) and can be created automatically or manually. With
automatic or in-band provisioning, the PAC is created and distributed to the client device in one operation. With
manual or out-of-band provisioning, the PAC is created in one step and then must be distributed to the client
device separately. SCU supports PACs created automatically or manually. When you create a PAC manually, you
must load it to the directory identified by the Certs Path global setting. Be sure that the PAC file does not have
read-only permissions set, or SCU will not be able to use the PAC.
Here are the credentials for each EAP type:
LEAP:
User: Username or Domain\Username (up to 64 characters)
Password (up to 32 characters)
EAP-FAST:
User: Username or Domain\Username (up to 64 characters)
Password (up to 32 characters)
PAC Filename (up to 32 characters)
PAC Password (up to 32 characters)
PEAP-MSCHAP and PEAP-GTC
User: Username or Domain\Username (up to 64 characters)