Hand Held Products 7900 manual Benefits, Typical Message Exchange Using Ttls and Peap

Page 132

Typical Message Exchange Using TTLS and PEAP

The above graphic shows a typical message flow for a TTLS transaction. TTLS authentication comprises two phases. In Phase 1, TLS is used to authenticate the TTLS server to the client. The TTLS server may optionally request authentication of the client's certificate, but by default the client verifies only the server's certificate. The TLS handshake is negotiated between the client and the TTLS server. Following the TLS handshake, Phase 2 may proceed using a secure channel (tunnel) provided by the TLS record layer. The secure tunnel is then used to exchange information for the negotiation of the following legacy protocols: EAP- MD5, PAP, CHAP, MS-CHAP, or MS-CHAPV2 (subject to support by the AAA server). A TTLS server may perform the authentication, or the information may be de-tunneled and passed on to an AAA server. The AAA server is the server in the user's home domain where authentication and authorization are administered.

PEAP works in the same manner as TTLS. However, supports different legacy protocols within the encrypted Phase 2 tunnel. Currently the tunneled protocols are EAP-MSChapV2 and EAP-TLS/SmartCard. Like TTLS, the use of a client certificate is optional, if one is used, the same certificate is used for Phase 1 and Phase 2. The client certificate is optional for both phases.

Benefits of 802.1X

Central User Administration

The Client allows network administrators to continue to use RADIUS or another AAA server as their centralized authentication server. In 802.11b, where authentication took place between the AP and the station, there was no concept of passing credentials from the AP to an authentication server. For LANs this was fine. However, as users began to use their devices in remote locations, the security provided became inadequate. 802.1X solves this problem by allowing APs to pass client credentials to the appropriate authentication server.

For example, the following graphic displays the authentication flow for a mobile user who wishes to create a virtual private network with his home office.

By using the Client, the user can associate with a wireless network provided by a third party, in this case the ISP. We assume that the company and the ISP have established a service relationship beforehand. When the ISP receives the user's credentials, the ISP proxies the credentials to the company's AAA server, which returns a message telling the ISP to either accept or deny the user access. This response is then propagated to the remote user.

9 - 32

Rev D

Dolphin® 7900 Series User’s Guide

Image 132
Contents User’s Guide Disclaimer TrademarksTable of Contents Using the Image Engine Communications Wireless PAN Wpan Communications with Bluetooth Applications Dolphin ChargeBase Introduction OverviewRequired Safety Labels Laser Safety LabelLocation Dolphin 7900 Series Wlan 802.11b or Wpan Bluetooth Radio Parameter SpecificationBluetooth 802.11b802.11b and Bluetooth GSM and BluetoothGSM, 802.11b, and Bluetooth Dolphin 7900 Series Wwan Radio GSM MC-45 & MC-46FCC Compliance Dolphin 7900 Series Batch TerminalRF, Regulatory, and Safety Agency Approvals for GSM MC-45 RF, Regulatory, and Safety Agency Approvals for GSM MC-46Parameter Care and Cleaning of the Dolphin Terminal For European Community UsersMicrowaves Waste Electrical and Electronic Equipment InformationRev D Getting Started Data InputImaging MemoryDolphin 7900 Radio Configuration Options Standard ConfigurationsCustom Configurations Dolphin 7900 Series Peripherals Dolphin 7900 Accessories Using the Dolphin 7900 for the First Time Unpack the Carton and Verify its ContentsTo Remove the Main Battery Pack Charging with Dolphin PeripheralsAlign the Screen Verify Operations with Demos Resetting the Terminal Suspend ModeSoft Reset Warm Boot Hard Reset Cold BootRev D System Features Wireless Radio OptionsHardware Overview ProcessorFront Panel Features PocketPCAudio Jack SpeakerIrDA Port Scan LEDBack Panel Features Battery Image Engine WindowHand Strap Slot Stylus and FastenerSide Panel Features Opening the Access DoorAccess Door Programmable Side ButtonInstalling a Mini-SD Card MSD SIMInstalling a SIM Card Replacing the Access DoorBottom Panel Features Mechanical ConnectorPowering Out Battery Power Main Battery PackInternal Backup Battery Managing Battery Power Default Low and Critical Battery PointsSetting Critical and Low Battery Points Checking Battery Power Guidelines for Battery Use and DisposalStoring Batteries Dolphin 7900 Technical Specifications Temperature Temperature HumidityResistance Power Peripherals/AccessoriesUsing Dolphin Mobile Computers Command BarToday Screen Navigation Bar and Start MenuUsing the Touch Screen Selecting ProgramsPop-Up Menus Adjusting the Backlight Wireless Radios Communication OptionsIrDA Port Software Communication ProgramsRadio Driver Installation Radio OptionsRadio Combinations Radio ManagerUsing the Soft Input Panel SIP Using the SIP KeyboardUsing the Letter Recognizer Using the Block RecognizerSelecting Text Input Panel OptionsInput tab Word Completion tab Options tab Writing on the Screen Drawing on the ScreenTo Select Writing Status Icons NotificationsStatus Icon Meaning Using Find Using File ExplorerUsing the Image Engine Image Engine OptionsRange Near FarBar Code Symbologies Supported Symbology Type Symbology Name 1D SymbologiesOCR Codes Postal CodesActivating the Engine DemosDecoding Programmable Side ButtonsSample Bar Codes Omni-Directional ScanningCapturing Images Taking an ImageHigh-Vis Aiming Pattern Uploading ImagesRev D Using the Keyboards Key Numeric KeyboardKey Alpha Keyboard Using the Function Keys Using the Navigation KeysUsing the Modifier Keys Name Key FunctionKey combination pressed Alpha Mode Caps Lock Key in Alpha ModeKey Numeric Keyboard Blue Key Combinations Red Key CombinationsKey Character Key Combination FunctionRed + F10 Key Alpha Keyboard NUM Lock KeyCaps Lock Functionality NUM Key Combinations Numeric Shift in Numeric Mode Rev D Settings Personal Tab System Tab Connections Tab DescriptionSystem ConnectionsPersonal Tab To Enable HotKeys ButtonsButton Assignments Available ApplicationsMic Volume Headset VolumeHeadset Control Stereo headphoneUsing System Settings Using File ExplorerTap Start Settings Personal tab Menus Start Menu tab Menus Adding a Program to the Start MenuUsing ActiveSync on the Desktop Computer System Tab CPU Speed To Increase/Decrease RAM MemoryMain tab FunctionsStorage Card Tab Total storage cardMemory Use FreePower Tab Description Battery TabWireless Tab Find LinkRegional Settings Tab Description Advanced TabRemove Programs To Remove ProgramsScreen Alignment tab ClearType TabText Size Tab Default Font Size Largest Font Size Zero-Config Wi-Fi Connections TabServer-Assigned IP Addresses Com Port Assignment TableOpening the Connections Manager Creating an External Modem Connection to an ISPTask Tab Tap Start Settings Connections tab Connections Task tab Tap FInish Advanced SettingsEnter a name for the connection, such as My Connection Port Settings Tab General TabTCP/IP Tab Connecting to Your ISP Creating an External Modem Connection to Your WorkEstablishing Exceptions for Work URLs Servers TabSetting up a Proxy Server Connection for Work Connections Setting Up a VPN Connection for Work ConnectionsGo to Start Settings Connections tab Connections Dolphin 7900 Series User’s Guide Rev D Connecting to a VPN Server Establishing Dialing Rules Creating a Wireless Network Connection Network CardsDolphin 7900 Series User’s Guide Rev D Rev D General Help on Connecting Installing Additional SoftwareCommunications Using ActiveSync Synchronizing from Your Desktop ComputerSynchronizing from the Terminal Exploring the Terminal from the Desktop Computer Adding Programs to the Terminal Using ActiveSync If the File is an InstallerIf the File is Not an Installer Using Infrared Verify That the IrDA Port is EnabledIrDA Port Location on the Terminal Verify That Beam Settings Are Set to Receive Sending and ReceivingSending ReceivingTroubleshooting Using an ISP Adding Programs Directly from the InternetWireless LAN Wlan Communications with 802.11b Configuration Utilities802.11b Wireless Security Supplement Enabling the 802.11b Radio Driver802.11b Settings Tap Start Settings System tab 802.11b SettingsStatus Icons Icon This icon means…Status Tab Config Tab To Add an Active Ssid to the Preferred Profile Table To Create a New Profile Authentication Tab Field Description AuthenticationEnable AlgorithmField Description Power Save Mode Preamble ModeTo Delete a Profile Advanced TabUsing the Status Icon About Tab802.11b Wireless Security Supplement Required Network Configuration Information WorksheetsPlatforms Supported 802.1X Supplicant Protocol SupportMD5 Worksheet Leap WorksheetTLS/SmartCard Worksheet Ttls Worksheet Peap Worksheet Icon Indicators Opening the ClientGray OrangeMain Screen Port Status IconClient Menu Menu Item Tapping this item… CloseInstall Protocol View MenuExit Help Menu Status BarMenu Item Tapping this item… Configuring the Client Menu Item Description EnableDisable Port MenuConfiguration Screens Client Configuration AreaAccessing the Client Configuration Area On this tab You…Password User TabField Description Profile IdentityTunneled authentication area Field Description Use certificateProtocol System Tab Port Settings Area Server TabWireless Networks Tab Field Description Protocol Settings Protocol TabDisplay EAP NotificationsAdding a Wireless Network Configuration Profile Info TabWEP Mgmt Tab WPA Settings Tab Field Description WPA ModeLogging PSK pass-phraseInstalling Certificates with CertAdd Installing CertificatesAdvice and Workarounds Key to authenticate with AP Select Peer-to-Peer Group ad hoc mode and Do active scanTypical Message Exchange Using MD5 or TLS How 802.1X WorksTypical Message Exchange Using Ttls and Peap Central User AdministrationBenefits Relative Merits of Authentication Protocols Dynamic Session Specific Wireless Encryption KeysCisco Leap Additional Advantages of Ttls and PeapDifferences Between Protocols Wireless PAN Wpan Communications with Bluetooth Enabling the Bluetooth RadioSetting Up Your Bluetooth Card Assign COM PortsDiscover Bluetooth Devices Bond With Discovered Devices Rev D Set Up Your Favorite Device View Device PropertiesTap Tools My Favorites Change Views Delete a Device From the FolderBluetooth ActiveSync Turn Radio Transmitter ON/OFFRev D Bluetooth LAN Access Rev D Obex Exchange Business CardsSend a Contact Send a File Browse Remote Device Prepare for File TransferDolphin 7900 Series User’s Guide Rev D Send/Receive Files or Folders Create a FolderDelete Files or Folders Refresh Remote ViewConnect/Disconnect Tap Device ConnectUsing the Dialer Enable File SharingExit Bluetooth File Explorer Receive Contact or FileUsing the Dialer Tap Start Settings System tab DialerAssign a Dialing Prefix Tap Start ContactsGet Connected Wizard Ericcson, Nokia 6210, NTT DoCoMo, Sony PhonesAccept Motorola Timeport 270C, Nokia 3650/6310/7650/8910/8910iDial Up Connection Tap Start Settings Connections tab Connections Uncheck Wait for dial tone before dialing. Tap FinishAutomatic Connections for Motorola Timeport 270C Automatic Connections for Nokia 3650/7650Automatic Connections for Nokia 6310/8910/8910i Wireless WAN Wwan Communications with GSM/GPRS Installing a SIM Card SIM CardAudio Modes Keyboard Combinations for CallsUsing uPhone Accessing uPhoneNavigation Bar Icons Icons and Bubble MessagesTap Call Answerphone to dial Using the Dialler Making a CallEntering a Phone Number Sending a CallReceiving a Call Answering a CallRejecting a Call Call WaitingEnding a Call Call WaitingPlacing the Current Call on Hold Making Conference CallsDialler Menus TouchtonesTools Menu Settings Menu PhonebookMenu Item Description See Mic muteRingtone Configuration Tap Start Settings Personal tab Ringtones icon orWAV Files Previewing TonesCharging Ussd Call Log Tap Start Programs uPhone Call Log orDialed Exit Closes the Call LogUPhone Configuration Accessing uPhone ConfigurationTap Start Settings System tab uPhone icon Tab WindowsGeneral Tab Network TabDivert Tab Not DivertedBar Tab Card can be madeAll outgoing calls Bar all outgoing calls Not barredMessaging Tab Request Delivery ReportsSMS Manager Opening the SMS ManagerInbox Tap Start Programs uPhone SMS Manager, orSent Folder Outbox FolderSending an SMS Message Icons at the Top of the Message Screen Edit MenuIcon Description Select AllGprs Settings Configuring the Gprs ConnectionService Provider Information No ActiveSyncTap Manage existing connections Rev D Dolphin 7900 Series User’s Guide Rev D Rev D Applications CalendarCreating an Appointment Using the Summary Screen Contacts Creating Meeting RequestsScheduling a Meeting Creating a Contact Searching for ContactsTasks Creating a Task Messaging Creating a NoteSynchronizing E-mail Messages Connecting Directly to an E-mail Server Receiving MessagesUsing the Message List Composing MessagesManaging E-mail Messages and Folders Accessing Pocket Internet Explorer Pocket Internet ExplorerActiveSync Default View One Column View Browse the Internet on Your TerminalView Options Mobile Favorites FolderUsing Mobile Favorites and Channels Creating and Synchronizing Mobile FavoritesUsing AvantGo Channels Using Pocket WordPocket Word Tap the AvantGo Channels linkTyping Mode Drawing ModePocket Excel Creating a Word FileCreating an Excel File Tips for Working in Pocket ExcelWindows Media Player for Pocket PC Setting Up MSN MessengerTap Start Programs MSN Messenger Pictures Tap Tools Options Account tabTo begin, tap Start Programs Pictures Rev D Intelligent Battery Charging Power SupplyDolphin HomeBase Convenient StorageAUX Battery LED Front PanelTerminal Well Auxiliary Battery Well DC Power JackBack Panel RS-232 PortRS-232 Serial Connector Powering the Dolphin HomeBaseCharging the Main Battery To Power a Terminal and Charge its Main BatteryCharging a Spare Battery in the Auxiliary Battery Well Required Equipment for Setup To Install the HomeBase Using USBSetting up the Terminal for ActiveSync Communications ActiveSync Communications with the HomeBaseSetting up the PC for ActiveSync Communications Connecting the CablesRS-232 Communications RS-232 Pin Configuration HomeBase /Host Port Pin / Input SignalModem DB25 Communicating with the Dolphin Terminal Verifying CommunicationVerifying Data Transfer Mounting the HomeBase Desk MountingWall Mounting Dolphin 7900 Series User’s Guide Rev D Rev D Dolphin Mobile Base CommunicationsConvenient Storage CapacitySpring Arm Assembly Dolphin Mobile Base Hardware OverviewFront Panel LatchPower Supply Connector Bottom PanelComm LED Color Indicates that… Red Orange Data is being sent at high data ratesTXD RXD DSR GND DTR CTS RTS Volt OUT RS-232 Serial Communications PortBack Panel Ball JointBall Joint Connector Mounting the Dolphin Mobile BaseTo Mount the Dolphin Mobile Base TurnscrewPowering the Dolphin Terminal Setting Up the Mobile Base for CommunicationsRS-232 Pin Configuration Charging the Dolphin TerminalConfiguring the Terminal for ActiveSync Communications Dolphin ChargeBase Dolphin ChargeBase Parts and FunctionsTerminal Wells Supplying Power to the ChargeBase Dock LEDCharge LEDs Inserting and Removing Terminals Charging Terminals in the ChargeBaseMounting the Dolphin ChargeBase Using the DIN Rail Using the Mounting BracketsDolphin 7900 Series User’s Guide Rev D Rev D Dolphin QuadCharger Dolphin QuadCharger Parts and FunctionsBattery Capacity Indicator LEDs Power SwitchRear Panel Analyze ButtonSupplying Power to the QuadCharger Inserting and Removing Battery PacksRecommendations for Storing Batteries Charging Batteries in the QuadChargerUsing the Battery Analyzer To Analyze a BatteryLocation Analyze CycleMounting the QuadCharger Troubleshooting Problem IssueProduct Service and Repair Online Product Service and Repair AssistanceCustomer Support Technical Assistance Online Technical AssistanceNorth America/Canada Limited Warranty How to Extend Your WarrantyRev D Page Hand Held Products, Inc
Related manuals
Manual 12 pages 22.88 Kb