User Manual
Psion Teklogix 9160 Wireless Gateway User Manual C-19
Appendix C: Configuring Security Settings On Wireless Clients
WPA/WPA2 Enterprise (RADIUS) Client Using EAP/PEAP
The 9160 Wireless Gateway Built-in Authentication Server supports Protected
Extensible Authentication Protocol (EAP) known as “EAP/PEAP” and Microsoft
Challenge Handshake Authentication Protocol Version 2 (MSCHAP V2), which
provides authentication for point-to-point (PPP) connections between a Windows-
based computer and network devices such as access points.
So, if you configure the network (access point) to use security mode and choose the
Built-in Authentication server, you must configure client stations to use WPA/WPA2
Enterprise (RADIUS) and EAP/PEAP.
If you configure the network (access point) to use this security mode with an
external RADIUS server, you must configure the client stations to use WPA/WPA2
Enterprise (RADIUS) and whichever security protocol your RADIUS server is
configured to use.
C.7.1 WPA/WPA2 Enterprise (RADIUS) Client Using EAP/PEAP
The Built-In Authentication Server on the 9160 Wireless Gateway uses Protected
Extensible Authentication Protocol (EAP) known as “EAP/PEAP”.
• If you are using the Built-in Authentication server with “WPA/WPA2
Enterprise (RADIUS)” security mode on the 9160 Wireless Gateway, then
you will need to set up wireless clients to use PEAP.
• Additionally, you may have an external RADIUS server that uses
EAP/PEAP. If so, you will need to:
(1) Add the 9160 Wireless Gateway to the list of RADIUS server clients.
AND
(2) Configure your “WPA/WPA2 Enterprise (RADIUS)” wireless clients to
use PEAP.
Note: The following example assumes you are using the Built-in Authentication
server that comes with the 9160 Wireless Gateway. If you are setting up
EAP/PEAP on a client of an AP that is using an external RADIUS server,
the client configuration process will differ somewhat from this example
especially with regard to certificate validation.