Symbol Technologies AP-5131

AP-5131 Access Point Product Reference Guide

6-64

Default

Authentication

Type

Specify a PEAP and/or TTLS Authentication Type for EAP to use

from the drop-down menu to the right of each checkbox item.

PEAP options include:

•GTC - EAP Generic Token Card (GTC) is a challenge

handshake authentication protocol using a hardware token

card to provide the response string.

• MSCHAP-V2 - Microsoft CHAP (MSCHAP-V2) is an encrypted

authentication method based on Microsoft's challenge/

response authentication protocol.

TTLS options include:

•PAP - Password Authentication Protocol sends a username

and password over a network to a server that compares the

username and password to a table of authorized users. If the

username and password are matched in the table, server

access is authorized. WatchGuard products do not support

the PAP protocol because the username and password are

sent as clear text that a hacker can read.

• MD5 - This option enables the MD5 algorithm for data verification. MD5 takes as input a message of arbitrary length and produces a 128- bit fingerprint. The MD5 algorithm is intended for digital signature applications, in which a large file must be compressed in a secure manner before being encrypted with a private (secret) key under a public-key cryptographic system.

• MSCHAP-V2 - Microsoft CHAP (MSCHAP-V2) is an encrypted

authentication method based on Microsoft's challenge/

response authentication protocol.

Server Certificate If you have a server certificate from a CA and wish to use it on the

Radius server, select it from the drop-down menu. Only certificates

imported to the AP-5131 are available in the menu.For information

on creating a certificate, see Creating Self Certificates for

Accessing the VPN on page 4-10.

CA Certificate You can also choose an imported CA Certificate to use on the

Radius server. If using a server certificate signed by a CA, import

that CA's root certificate using the CA certificates screen (for

information, see Importing a CA Certificate on page 4-9). After a

valid CA certificate has been imported, it is available from the CA

Certificate drop-down menu.