Cisco AIR-CB21AG-W-K9 Configuration Guide - Page 80
PEAP-GTC Connection Settings, Description, Default, Validate server certificate, Do
View all Cisco AIR-CB21AG-W-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 80 highlights
Configuring PEAP-GTC Chapter 3 Configuring EAP Types Table 3-5 lists and describes PEAP-GTC connection settings. Table 3-5 PEAP-GTC Connection Settings PEAP-GTC Connection Settings Description Use anonymous outer identity Check this box to enable identity privacy protection. If this box is checked, the Outer identity field is enabled, and the outer identity in this field is used in response to an EAP identity request, which is sent in the clear. Default: On Outer identity field Enter an outer identity if the Use anonymous outer identity check box is checked. Follow an administrator's instructions, or follow RFC 4282 for guidelines about what to enter in the outer identity field. Default: anonymous Note The maximum numberl of characters allowed in this field is 256. Validate server certificate Check this box to validate the server certificate that is used to establish a tunnel. If the Validate server certificate box is checked and the Do not prompt user to authorize new servers or trusted certificate authorities box is checked, you must select one or more Trusted Root CA certificates from the list of trusted Certificate Authority certificates that are installed on the host system. If the Validate server certificate box is checked but the Do not prompt user to authorize new servers or trusted certificate authorities box is not checked, the list can be empty, and the user is prompted to validate the certificate. If authentication succeeds, then the Root CA that signed the server certificate is marked as trusted in the profile. The name of the server is then added to the Connect to only these servers field. Default: On Connect to only these servers Check this box to enter an optional server name that must match the server certificate that is presented by the server. You can enter multiple server names; separate multiple server names with semicolons. The PEAP-GTC module only allows connections to continue without prompting if the subject field (CN) or the subject alternative name in the server certificate matches the server names that you enter in this field. Default: Off Note You can use an asterisk (*) as a wildcard character in server names only if the asterisk appears before the first period (.) in the name.domain.com format. For example, "*.cisco.com" matches any server name that ends with ".cisco.com." If you put an asterisk anywhere else in the server name, it is not treated as a wildcard character. 3-26 Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide for Windows Vista OL-16534-01