Hand Held Products 7900 Field Description Use certificate, Tunneled authentication area, Protocol

Models: 7900


Field

Description

Use certificate

This is the certificate to be used during authentication. A certificate is required for TLS, optional for TTLS and PEAP, and unused by MD5 and LEAP. Therefore, this option becomes active only when TLS, TTLS, or PEAP is selected as the Authentication type.

If Use certificate is enabled, the client certificate displayed in the field is the one that is passed to the server for verification. To select a client certificate, tap Change and select the certificate from the list that appears.

To appear in this list, certificates must be installed in the system. The Issued to column should match the Identity field and the user ID on the authentication server used by the authenticator.

Your certificate must be valid with respect to the authentication server. This generally means that the authentication server must accept the issuer of your certificate as a Certificate Authority.

When obtaining a client certificate, do not enable strong private key protection. If you enable strong private key protection for a certificate, you will need to enter an access password for the certificate each time this certificate is used.

Tunneled authentication area

Tunneled authentication parameters are used only by the TLS, TTLS, and PEAP protocols, in Phase 2 of authentication, after the secure tunnel has been established. The fields in this section are active only if TLS, TTLS, or PEAP is selected as the Authentication type.

Identity

The user identity used in Phase 2 authentication. The identity specified may contain up to 63 ASCII characters, is case-sensitive, and takes the form of a Network Access Identifier, consisting of <name of the user>@<user’s home realm>. The user’s home realm is optional and indicates the domain to which the tunneled transaction is to be routed.

Because Microsoft .NET Enterprise Server Version 5.2 does not use this parameter for PEAP, this field will have no effect for PEAP at this time. Phase 1 identity is used instead.

Password

The password used for the tunneled authentication protocol specified. It may contain up to 63 ASCII characters and is case-sensitive. Asterisks appear instead of characters for enhanced security.

Protocol

This parameter specifies the authentication protocol operating within the secure tunnel.

The following protocols are currently supported for TTLS: EAP-MD5, CHAP, PAP, MS-CHAP and MS-CHAP-V2.

The following protocols are currently supported for PEAP: EAP-MS-CHAP-V2, TLS/SmartCard, and Generic Token Card (EAP-GTC).
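The field rules above can be checked mechanically before a profile is rolled out to a fleet of devices. The following is an added example, not code from this manual or from the device software; the Profile class and the lint_profile function are hypothetical names that only encode the rules stated on this page.

```python
from dataclasses import dataclass
from typing import List, Optional

# Certificate rule per Authentication type, as stated on this page.
CERT_RULE = {"TLS": "required", "TTLS": "optional", "PEAP": "optional",
             "MD5": "unused", "LEAP": "unused"}
# Phase 2 protocols the page lists for each tunneled type.
PHASE2 = {"TTLS": {"EAP-MD5", "CHAP", "PAP", "MS-CHAP", "MS-CHAP-V2"},
          "PEAP": {"EAP-MS-CHAP-V2", "TLS/SmartCard", "EAP-GTC"}}
MAX_LEN = 63  # limit for the Identity and Password fields


@dataclass
class Profile:  # hypothetical container for one device's settings
    auth_type: str
    use_certificate: bool = False
    identity: str = ""
    password: str = ""
    protocol: Optional[str] = None


def _bad_text(value: str) -> bool:
    """True if the value breaks the 63-ASCII-character limit."""
    return len(value) > MAX_LEN or not value.isascii()


def lint_profile(p: Profile) -> List[str]:
    """Return one finding per rule on this page that the profile breaks."""
    rule = CERT_RULE.get(p.auth_type)
    if rule is None:
        return [f"unknown authentication type: {p.auth_type}"]
    out = []
    if rule == "required" and not p.use_certificate:
        out.append("certificate required for TLS but Use certificate is off")
    if rule == "unused":
        if p.use_certificate:
            out.append(f"certificate is unused by {p.auth_type}")
        return out  # tunneled fields are inactive for MD5 and LEAP
    name, at, realm = p.identity.partition("@")
    if p.auth_type == "PEAP":
        if p.identity:
            out.append("note: PEAP uses the Phase 1 identity; this Identity has no effect")
    elif _bad_text(p.identity) or not name or (at and not realm):
        out.append("identity must be <name>[@<realm>], at most 63 ASCII characters")
    if _bad_text(p.password):
        out.append("password must be at most 63 ASCII characters")
    allowed = PHASE2.get(p.auth_type)  # the page lists protocols for TTLS and PEAP only
    if allowed is not None and p.protocol not in allowed:
        out.append(f"protocol {p.protocol} is not listed for {p.auth_type}")
    return out
```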

 

 

Dolphin® 7900 Series User’s Guide

Rev D

9 - 21
