User's Manual

ManualsBrandsGetac Technology ManualsElectronicsWLAN Module

181

182

183

184

185

186

187

188

189

190

Settings window), you can choose one of the following: Use my smart card, Use the certificate

issued to this computer, or Use a user certificate on this computer. For Persistent IT

Administrator profiles, User Credentials can be set to

Use the certificate issued to this

computer.

3. Roaming Identity: A Roaming Identity may be populated in this field or you can use %domain%\%

username% as the default format for entering a roaming identity.

When 802.1X Microsoft IAS RADIUS is used as an authentication server, the server

authenticates the device using the Roaming Identity from Intel® PROSet/Wireless WiFi

Software, and ignores the Authentication Protocol MS-CHAP-V2 user name. Microsoft IAS

RADIUS accepts only a valid user name (dotNet user) for the Roaming Identity. For all other

authentication servers, the Roaming Identity is optional. Therefore, it is recommended to use

the desired realm (for example, anonymous@myrealm) for the Roaming Identity rather than

a true identity.

Configure Roaming Identity to Support Multiple Users:

If you use a

Pre-logon/Common profile that requires the roaming identity to be based on the

Windows logon credentials, the creator of the profile can add a roaming identity that uses %

username% and %domain%. The roaming identity is parsed and the appropriate log on

information is substituted for the keywords. This allows maximum flexibility in configuring the

roaming identity while allowing multiple users to share the profile.

Please see your authentication server user guide for directions about how to format a suitable

roaming identity. Possible formats are:

%domain%\%user_name%

%user_name%@%domain%

%user_name%@%domain%.com

%user_name%@mynetwork.com

If Roaming Identity is blank, %domain%\%username% is the default.

Notes about the credentials: This user name and domain must match the user name that

is set in the authentication server by the administrator prior to client authentication. The user

name is case-sensitive. This name specifies the identity supplied to the authenticator by the

authentication protocol operating over the TLS tunnel. This user identity is securely

transmitted to the server only after an encrypted channel has been verified and established.

Authentication Protocols

This parameter specifies the authentication protocols that can operate over the TTLS tunnel. Next are

instructions on how to configure a profile that uses PEAP authentication with

GTC, MS-CHAP-V2 (Default),

TLS authentication protocols. The User Credentials selected are examples.

Generic Token Card (GTC)