Dell Powerconnect W-ClearPass Virtual Appliances W-ClearPass Guest 6.0 Deploym - Page 121
Configuring Device Authentication Settings, iOS & OS X Credentials
View all Dell Powerconnect W-ClearPass Virtual Appliances manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 121 highlights
l Configure PEAP with MSCHAPv2 for Onboard devices - Android, Windows, and legacy OS X (10.5/10.6). l Configure EAP-TLS for iOS devices and OS X (10.7 or later). l Other EAP methods, while possible, are limited in their applicability and should only be used if you have a specific requirement for that method. The Windows EAP options that may be specified include: l Enable Fast Reconnect - Fast Reconnect is a PEAP property that enables wireless clients to move between wireless access points on the same network without being re-authenticated each time they associate with a new access point. If TLS is selected, Fast Reconnect is not available. l Enforce Network Access Protection- Enable this option to obtain a system statement-of-health (SSoH) from the OnGuard or Microsoft NAP Agent and send it to the authentication server during the 802.1X authentication process. Use this option to enforce network access control (NAC) protections on the network. If TLS is selected, Enforce Network Access Protection is not available. l Enforce Cryptobinding - Cryptobinding is a process that protects the authentication protocol negotiation against man-in-the-middle attacks. The cryptobinding request and response performs a two-way handshake between the peer and the authentication server using key materials. If TLS is selected, Enforce Cryptobinding is not available. l Do one of the following: n Click the Previous button to return to the Access tab. n Click the Next button to continue to the Authentication tab. l Click the Create Network button to make the new network configuration settings take effect n Click the Cancel button to discard your changes and return to the main Onboard configuration user interface. Configuring Device Authentication Settings Click the Authentication tab to display the Enterprise Authentication form. 1. Select one of these options in the iOS & OS X Credentials drop-down list: l Certificate - A device certificate will be provisioned and used for EAP-TLS client authentication. When this option is selected, EAP-TLS must be selected on the Protocols tab. l Username & Password - A device certificate will be provisioned, but the client authentication will use unique device credentials (as for Onboard devices). When this option is selected, EAP-TTLS or PEAP must be selected on the Protocols tab. 2. The Windows Authentication options that may be selected are: Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Configuring Device Authentication Settings | 121