User Manual
Password (up to 32 characters)
"Validate server" checkbox: Check this if you are using a CA certificate to validate an authentication
server. When this is checked, you must enter a certificate filename in the CA Cert field or check the
"Use MS store" checkbox.
CA Cert: Filename of root certificate authority (CA) digital certificate (up to 32 characters) -- leave
blank if "Use MS store" checkbox is checked
"Use MS store" checkbox: Check this if the Microsoft certificate store should be used for a CA
certificate. This is applicable only when "Validate server" is checked.
EAP-TLS:
User: Username or Domain\Username (up to 64 characters)
Password (up to 32 characters)
"Validate server" checkbox: Check this if you are using a CA certificate to validate an authentication
server. When this is checked, you must enter a certificate filename in the CA Cert field or check the
"Use MS store" checkbox.
CA Cert: Filename of root certificate authority (CA) digital certificate (up to 32 characters) -- leave
blank if "Use MS store" checkbox is checked
"Use MS store" checkbox: Check this if the Microsoft certificate store should be used for a CA
certificate. This is applicable only when "Validate server" is checked.
User Cert: Click the "..." button to select a user (or client) certificate from the Microsoft certificate
store. You may not enter a filename, because the user certificate must reside in the Microsoft
certificate store. When you browse for a certificate, the pop-up box shows two fields, Issued By and
Issued To.
There are no default values for credentials. Here are some important notes on entering credentials for EAP
authentication:
If the credentials are not specified in the profile then, when the radio tries to associate using that profile,
Summit software will display a dialog box that prompts the user to enter the credentials. Summit software
will populate the dialog box with the username and password supplied for the previous EAP authentication.
If the credentials specified in the profile do not match those in the authentication database then, when that
profile is used:
If the EAP type is EAP-FAST or EAP-TLS, authentication will fail.
If the EAP type is LEAP, PEAP-MSCHAP, or PEAP-GTC, then Summit software will try the
credentials three times and then prompt the user to enter valid credentials. Once EAP authentication
is passed, Summit software will store the valid credentials in the profile.
When prompted with a dialog box, the user can enter valid credentials, enter invalid credentials, or cancel
the operation:
If the user enters valid credentials and taps the OK button, the radio will associate and authenticate.
If the user enters invalid credentials and taps the OK button, the radio will associate but not
authenticate, and the user will be re-prompted to enter credentials.
If the user taps the Cancel button or the user clears the credentials fields and taps the OK button, then
the radio will not attempt to associate with that profile until the user performs one of the following
actions (while the profile is the active profile):
Causes the device to go through a power cycle or suspend/resume
Disables and enables the radio or taps the Reconnect button on the Diags window
Modifies the profile and taps the Commit button
Alternatively, the user can select another profile as the active profile and then switch
back to the profile for which EAP authentication was canceled.
If the password stored in the profile or provided in the dialog box has expired in the authentication
database, then the authentication server may send an "Expired Password" (RFC 2759) message to the client.
If the EAP type is PEAP-MSCHAP or PEAP-GTC, then Summit software handles that message by