Page 66 / 86 Scroll up to view Page 61 - 65
The following test will use the inbuilt 802.1X authentication method such as ,EAP_TLS,
PEAP_CHAPv2(Windows XP with SP1 only), and PEAP_TLS(Windows XP with SP1 only) using the
Smart Card or other Certificate of the Windows XP Professional.
DUT and Windows 2000 Radius Server Setup
Setup Windows 2000 RADIUS Server
We have to change authentication method to MD5_Challenge or using smart card or other certificate
on RADIUS server according to the test condition.
Setup DUT
1. Enable the 802.1X (check the “Enable checkbox“).
2. Enter the RADIUS server IP.
3. Enter the shared key. (The key shared by the RADIUS server and DUT).
4. We will change 802.1X encryption key length to fit the variable test condition.
Setup Network adapter on PC
1. Choose the IEEE802.1X as the authentication method. (Fig 2)
2. Choose MD5-Challenge or Smart Card or other Certificate as the EAP type.
3. If choosing use smart card or the certificate as the EAP type, we select to use a certificate on this
computer.
4.
We will change EAP type to fit the variable test condition.
Figure 2 is a setting picture of Windows XP without service pack 1. If users
upgrade to service pack 1, then they can’t see MD5-Challenge from EAP type
list any more, but they will get a new Protected EAP (PEAP) option.
58
Downloaded from
www.Manualslib.com
manuals search engine
Page 67 / 86
Figure 2: Enable IEEE 802.1X access control / Smart card or certificate properties
Windows 2000 RADIUS server Authentication testing:
DUT authenticate PC1 using certificate. (PC2 follows the same test procedures.)
1. Download and install the certificate on PC1. (Fig 4)
2. PC1 chooses the SSID of DUT as the Access Point.
3. Set authentication type of wireless client and RADIUS server both to EAP_TLS.
4. Disable the wireless connection and enable again.
5. The DUT will send the user's certificate to the RADIUS server, and then send the message of
authentication result to PC1. (Fig 5)
6. Windows XP will prompt that the authentication process is success or fail and end the
authentication procedure. ( Fig 6)
7. Terminate the test steps when PC1 get dynamic IP and PING remote host successfully.
Downloaded from
www.Manualslib.com
manuals search engine
Page 68 / 86
Figure 4: Certificate information on PC1
Figure 5: Authenticating
60
Downloaded from
www.Manualslib.com
manuals search engine
Page 69 / 86
Figure 6: Authentication success
DUT authenticate PC2 using PEAP-TLS.
1. PC2 chooses the SSID of DUT as the Access Point.
2. Set authentication type of wireless client and RADIUS server both to PEAP_TLS.
3. Disable the wireless connection and enable again.
4. The DUT will send the user's certificate to the RADIUS server, and then send the message of
authentication result to PC2.
5. Windows XP will prompt that the authentication process is success or fail and end the
authentication procedure.
6. Terminate the test steps when PC2 get dynamic IP and PING remote host successfully.
Support Type: The router supports the types of 802.1x Authentication: PEAP-CHAPv2 and
PEAP-TLS.
1. PC1 is on Windows XP platform without Service Pack 1.
2. PC2 is on Windows XP platform with Service Pack 1a.
3. PEAP is supported on Windows XP with Service Pack 1 only.
4. Windows XP with Service Pack 1 allows 802.1x authentication only when data
encryption function is enable.
Downloaded from
www.Manualslib.com
manuals search engine
Page 70 / 86
Appendix B WPA-PSK and WPA
Wireless Router: LAN IP: 192.168.123.254
WAN IP: 192.168.122.216
Radius Server: 192.168.122.1
User A: XP Wireless Card:Ti-11g
Tool: Odyssey Client Manager
Refer to:
www.funk.com
Download:
Or Another Configuration:
WPA-PSK
In fact, it is not necessary for this function to authenticate by Radius Server, the client and wireless
Router authenticate by them.
62
Downloaded from
www.Manualslib.com
manuals search engine

Rate

4.7 / 5 based on 3 votes.

Popular LevelOne Models

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top