Wi-Fi 802.1x authentication settings

These settings are not required based on the current Wi-Fi authentication settings. They are only configurable when WEP with 802.1x authentication or WPA with 802.1x authentication are enabled on the WiFi Security Settings tab.

• EAP Methods: These are the types of Extensible Authentication Protocols (EAP) or outer protocols that are allowed to establish the initial connection with an authentication server or access point. These are used with WEP with 802.1x authentication and WPA with 802.1x authentication.
  • PEAP: Stands for “Protected Extensible Authentication Protocol.” A user name and password must be specified to use PEAP.
  • TLS: Stands for “Transport Layer Security.” A client certificate and private key must be installed in order to use TLS.
  • TTLS: Stands for “Tunneled Transport Layer Security.” A user name and password must be specified to use TTLS.

• PEAP/TTLS Tunneled Authentication Protocols: These are the types of inner protocols that you can use within the encrypted connection established by PEAP or TTLS.

  You can use these Extensible Authentication Protocols (EAP) with PEAP or TTLS.

  • GTC: Generic Token Card.
  • MD5: Message Digest Algorithm.
  • MSCHAPv2: Microsoft Challenge response Protocol version 2.
  • OTP: One Time Password.

  You can use these non-EAP protocols that with TTLS.

  • CHAP: Challenge Response Protocol.
  • MSCHAP: Microsoft Challenge response Protocol.
  • TTLS MSCHAPv2: TTLS Microsoft Challenge. response Protocol version 2.
  • PAP: Password Authentication Protocol.
• Client Certificate Use: When the TLS is protocol is enabled, a client certificate and private key must be installed on the Digi device.
  • Certificate: Click Browse to select a client certificate file. Then click the next Browse to select a private key file.
  • Private Key File: If the private key file is encrypted, a password must be specified.
• Trusted Certificates: Adds and lists trusted certificates.
  • Verify server certificates: Enable to verify that certificates received from an authentication server or access point are signed by a trusted certificate authority (CA). Standard CAs are built in. Additional trusted certificates may be added.
  • Trusted Certificate File: To add additional trusted certificates, click Browse to select a certificate file to upload to the Digi device, then click Upload.
• Installed Certificates: Shows which client certificates have been added and are in use.