Configuring EAP-FAST Settings in the Authentication Tab

Chapter 3 Configuring EAP Types

Configuring EAP-FAST

Configuring EAP-FAST Settings in the Authentication Tab

The EAP-FAST module supports three authentication methods: EAP-GTC, EAP-MSCHAPv2, and EAP-TLS.

These three authentication methods use the following types of credentials:

EAP-GTC—Active Directory password, OTP, Token, LDAP

EAP-MSCHAPv2—Active Directory password

EAP-TLS—certificate

The EAP-GTC module is bundled with the EAP-FAST module. The EAP-GTC module is not registered with the EAPHost framework; it is not available to other applications.

Amodified version of the EAP-MSCHAPv2 module is also bundled with the EAP-FAST module. This modified version is used in anonymous TLS provisioning mode to support the modification of EAP-MSCHAPv2 challenges. This same module also supports user authentication in authentication mode without modification.

The EAP-FAST module uses the standard EAP-TLS module that is shipped with Windows Vista.

The user can select only one of these three inner authentication methods through the user interface. Although other third-party EAP methods are registered with the EAPHost framework and can be selected in the administrator interface, these methods have not been officially tested.

Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide for Windows Vista

 

OL-16534-01

3-13

 

 

 

Page 67
Image 67
Cisco Systems CB21AG, PI21AG manual Configuring EAP-FAST Settings in the Authentication Tab, 3-13