Manualshelf

User manual

ManualsBrandsPsion Teklogix ManualsCar Video SystemVehicle-Mount Computer 8515
171172173174175176177178179180
Appendix B: SCU for 802.11b/g Radio
Profile
Psion Teklogix 8515 Vehicle-Mount Computer User Manual B-7
PEAP: Provides secure user authentication by using a TLS tunnel to encrypt EAP traf-
fic. Two different inner methods are used with PEAP:
- EAP-MSCHAPV2, resulting in PEAP-MSCHAP: This is appropriate for use against
Windows Active Directory and domains.
- EAP-GTC, resulting in PEAP-GTC: This is for authentication with one-time pass-
words (OTPs) against OTP databases such as SecureID.
LEAP: Is an authentication method for use with Cisco WLAN access points. LEAP
does not require the use of server or client certificates. LEAP supports Windows Active
Directory and domains but requires the use of strong passwords to avoid vulnerability to
offline dictionary attacks.
EAP-FAST: Is a successor to LEAP and does not require strong passwords to protect
against offline dictionary attacks. Like LEAP, EAP-FAST does not require the use of
server or client certificates and supports Windows Active Directory and domains.
B.1.2.2 SCU EAP Types
The following EAP types are supported by the integrated supplicant and can be configured
in SCU: LEAP, EAP-FAST, PEAP-MSCHAP, PEAP-GTC, and EAP_TLS. With each of
these types, if authentication credentials are not stored in the profile, you will be prompted
to enter credentials the first time the radio attempts to associate to an access point that sup-
ports 802.1X (EAP).
LEAP: Strong passwords are recommended.
EAP-FAST: SCU supports automatic, not manual, PAC provisioning.
PEAP-MSCHAP: Provides secure user authentication by using a TLS tunnel to
encrypt EAP traffic. MSCHAP is used as the inner authentication method. This is
appropriate for use against Windows Active Directory and domains.
PEAP-GTC: SCU supports static (login) passwords only.
EAP-TLS: Provides strong security via the use of client certificates for
user authentication.
EAP-TLS will work with an 802.11b/g radio module when Windows Zero Config (WZC)
rather than the SCU is used to configure the type. With WZC, the native Windows supplicant
instead of the SCU integrated supplicant is used.
B.1.2.3 EAP Credentials
Keep the following in mind when defining security settings:
Note: PEAP and EAP-TLS require the use of Windows facilities for the configura-
tion of digital certificates.