Using PEAP-GTC Security
Imp or ta nt No te ! To use PE AP (EAP-GTC) security, the server must have WPA-PEAP
certificates, and the Cer tificate Authority (CA) server properties must alrea d y be set
up. Please check w ith your IT administrator.
To use PEAP security, access the Security tab in the Profile Management
window.
1. In the ACU, edit the security settings by clicking New or Modify on the
Prof ile Ma nagement tab.
2. Choose a profile to edit, or nam e the new pr of i le in th e Pro fi l e
Management window. Enter the SSID of the access point the client computer
connects to.
3. On the Security tab, choose the WPA radio button.
OR: On the Security tab, choose the 802.1x radio button.
4. Choose PEAP (EAP-GTC) or PEAP (EAP-MSCHAP V2) from the
drop-d own me nu.
z PEAP (EAP-GTC) authentication is designed to support one-time Password (OTP), Windows
2000 domain, and L DAP user databases over a wireless LAN. It is based on EAP-TLS
authentication but uses a password instead of a client certificate for authentication. PEAP
(EAPGTC) uses a dynamic session-based WEP key derived from the USB device and RADIUS
server to encrypt data.
Networks that use an OTP user database require entering a hardware or software token
password to start the PEAP (EAP-GTC) authentication process and to gain access to the
network. Networks that use a Windows 2000 domain user database or an L DAP user database
(such as NDS) require entering a username, password, and domain name in order to start the
PEAP (EAP-GTC) authentication process.
z T he PEAP (EAP-MSCHAP V2) authentication type is based on EAPTLS authentication, but uses
password instead of a client certificate for authentication. PEAP (EAP-MSCHAP V2) uses a
dynamic session-based WEP key, which is derived from the USB device and RADIUS server, to
encrypt da ta.
To use PEAP-GTC security In the Atheros Client Utility, access the Secu rity tab in th e
Profile Management windo w.
1. On the Security tab, choo se the WPA radio button.
2. OR: On the Security tab, choose the 802.1x radio button.
3. Choose PEAP (EAP-GTC) from the drop -d own menu.
4. Click the Configure button.
5. Select the approp riate ne two r k ce r tifi cate autho rity from the drop-down list.
6. Specify a u ser name for inner PEAP tunnel authentication:
Check Use Windows User Name to use the Windo ws user name as the PEAP
user name.
OR: Enter a PEAP user name in the User Name field to u se a separate user
name and start the PEAP authentication p ro ce ss.
18