Wyse Technology C90LE, R90L manual Using Peap Fast Reconnect

Page 49

Getting to Know the Extended Features

39

Note

PEAP is available as an authentication method for 802.11 wireless clients, but it is not supported for virtual private network (VPN) clients or other remote access clients. Therefore, you can configure PEAP as the authentication method for a remote access policy only when you are using Internet Authentication Service (IAS).

Using PEAP Fast Reconnect

When clients connect to an 802.11 wireless network, the authenticated session has an expiration interval configured by the network administrator to limit the duration of authenticated sessions. To avoid the requirement for authenticated clients to periodically re-authenticate and resume a session, you can enable the fast reconnect option.

PEAP supports fast reconnect, as long as each wireless access point is configured as a client of the same IAS (RADIUS) server. In addition, fast reconnect must be enabled on both the wireless client and the RADIUS server.

When PEAP fast reconnect is enabled, after the initial PEAP authentication succeeds, the client and the server cache TLS session keys. When users associate with a new wireless access point, the client and the server use the cached keys to re-authenticate each other until the cache has expired. Because the keys are cached, the RADIUS server can quickly determine that the client connection is a reconnect. This reduces the delay in time between an authentication request by a client and the response by the RADIUS server. It also reduces resource requirements for the client and the server.

If the RADIUS server that cached the session keys is not used, full authentication is required, and the user is again prompted for credentials or a PIN. This can occur in the following situations:

The user associates with a new wireless access point that is configured as a client of a different RADIUS server.

The user associates with the same wireless access point, but the wireless access point forwards the authentication request to a different RADIUS server.

In both situations, after the initial authentication with the new RADIUS server succeeds, the client caches the new TLS session keys. Clients can cache TLS session keys for multiple RADIUS servers.

Using the Regpersistence Tool to Configure PEAP Wireless Connections

Use the following guidelines:

1.Image the Windows XP Embedded Client.

2.With the Write Filter enabled, configure a wireless connection.

3.When users log in, they are not prompted for wireless credentials.

Note

When you configure PEAP authentication with the Regpersistence tool, the thin client must have a corresponding or relative user certificate and server certificate for authentication. With the Regpersistence tool, the user name and domain name are saved across reboots; the PEAP authentication process prompts only for the password to prevent hackers from spoofing user credentials while users are connected across a WAN.

Image 49
Contents Wyse Thin Clients Based on Microsoft Windows XP Embedded Administrators GuideEnd User License Agreement License Trademarks Copyright NoticesPatents Restricted Rights Legend Ordering Information FCC StatementDevice Power Supply Wireless Usage and RequirementsRegulatory Compliance for Thin Clients Canadian DOC NoticesModel Rx0LE Thin Client, Product R90LE Battery InformationContents System Administration Administrative Utilities and SettingsFigures Tables ViiViiiContents This page intentionally blank Wyse Technology Inc -01 Rev. L Summary of RevisionsReference Description Wyse Technology Inc -01 Rev. KSummary of Revisions About this Guide IntroductionOrganization of this Guide Finding the Information You Need in this Guide Wyse Technical SupportRelated Online Resources Available at Wyse Wyse Online CommunityEstablishing a Server Environment Setting-Up Access to the Enterprise ServersUsing Dynamic Host Configuration Protocol Dhcp Understanding How to Configure Your Network ServicesDNS Dhcp Options DescriptionUsing FTP File Servers Using DNS Understanding Session ServicesConfiguring RDP Session Services Configuring ICA Session ServicesImplementing View Client Support on Wyse Thin Clients Using VMware View Manger ServicesThis page intentionally blank Getting Started What Happens When You Turn on Your Thin ClientLogging On Automatic Logon Configuring the Thin ClientManual Log-on About the Automatically Launched Utilities User desktop example Understanding the User DesktopAdministrator desktop example Understanding the Administrator DesktopLogging Off, Shutting Down, and Restarting Configuring and Using Peripherals Getting to Know the Extended FeaturesAccessing the Extended Features of the All Programs Menu Viewing Client Information Managing Connections with Citrix Program NeighborhoodEstablishing Remote Desktop Connections Browsing the Internet with Internet ExplorerOdyssey Client Manager Using the Odyssey Client ManagerSynchronizing Thin Client Time with Neutron Ericom PowerTerm TEC and ConnectVMware View Client extended view Using VMware View Client to Connect to a Virtual DesktopAdministrator Control Panel Configuring Component Services Accessing and Using the Administrative ToolsAdministrative Tools window Viewing Events Managing ServicesManaging Users Configuring WinVNC Current User PropertiesCustom Fields Setting Configuration Strings with Custom FieldsConfiguring Dual Video VGA RAM Configuring Dual Monitor DisplayConfiguring Printers Configuring TouchscreensAdding Printers Select Do not share this printer and click NextRamdisk Configuration Setting Ramdisk SizeSelecting Regional and Language Options English US defaultControlling Sounds and Audio Devices Enabling and Disabling Automatic Logon Using Winlog Configuring WDM PropertiesConfiguring Wireless Local Area Network LAN Settings Configuring the Internal Wireless FeatureUsing Wireless Zero Configuration WZC Wireless Network Properties EAP-TLS Wireless Network Connection Properties dialog boxSmart Card or other Certificate Properties EAP-TLS Chapter Configuring Wireless Thin Clients for PEAP-MS-CHAPGetting to Know the Extended Features Enter Credentials PEAP-MS-CHAP Preserving Wireless ConnectionsUsing Peap Fast Reconnect Chapter Using the File Based Write Filter Fbwf Administrative Utilities and SettingsChanging Passwords with the File Based Write Filter Administrative Utilities and Settings Running File Based Write Filter Command Line Options File Based Write Filter Control Setting the File Based Write Filter ControlsCache Limit and Warning Settings area includes Understanding the NetXClean Utility Saving Files Saving Files and Using Local DrivesDrive Z Drive C and FlashParticipating in Domains Mapping Network DrivesJoining a Domain Using the Net and Tracert Utilities Using the WinPing Diagnostic UtilityUsing Roaming Profiles Creating New User Accounts Managing Users and Groups with User ManagerCreating New Groups Configuring User ProfilesDetermining Group Membership Changing the Computer Name of a Thin ClientThis page intentionally blank Accessing Thin Client Bios Settings System AdministrationManually Installing and Upgrading Addons Installing and Upgrading AddonsFTP Addon Installer dialog box automatic example Automatically Installing and Upgrading AddonsFTP Options complete one of the following Uninstalling Addons Using the FTP Addon Installer Using Windows Server Update Services Wsus on a Thin ClientConfiguring the Thin Client for Wsus Using Wsus on the Wyse Thin Client in Standalone Mode Automatic Software Updates on Wyse Thin Clients Using WsusPrerequisites Wsus Log Format Date Time Troubleshooting Wsus in Standalone ModeComponent Text Wsus Components DescriptionService Startup Windows Update Log File ExamplesWindows Update agent searches for available updates User is offered one update and chooses to install itTroubleshooting Wsus Used with SMS Configuring Wsus for Automatic Software Updates Using SMSAbout VB Scripts Wsus 2.0 Reports Tab Using Wsus with WDMWindowsUpdate.log file-provides statistics Troubleshooting Wsus with WDMNetmon or Ethereal trace-shows data flow Setting VNC Server Properties Using WinVNC to Shadow a Thin ClientVNC Connection Details Setting VNC Viewer OptionsVNC Connection Options VNC Authentication This page intentionally blank Figures Page Tables
Related manuals
Manual 14 pages 63.01 Kb