Configuring an MX6 Radio for WPA 263
E-EQ-MX6RG-E-ARC MX6 Reference Guide
Version 7.03 Version 7.11 and 7.13
Figure 7-4 Add a New Profile
1. Tap the Add
button for a new profile and enter a name for the authentication profile.
2. Enter a valid Identity. This must be a username that is already in the RADIUS server. No
password is entered. You may choose to use a dummy login entered into the RADIUS
server for Phase 1 connection. Then use another identity for Phase 2 when the data is
encrypted.
3. Set Authentication Type to PEAP.
4. Do not use a certificate for PEAP client authentication.
5. At the tunneled authentication box choose EAP-MSCHAP v2 in the Protocol drop down
box. See “Tunneled Authentication” for parameter explanations.
6. Enter the username in the identity text box again here, then enter the password for the
username.
Proceed to the Skip Server Validation step.
Tunneled Authentication
The following Tunneled Authentication parameters are used by PEAP, in phase 2 of
authentication, after the secure tunnel has been established. They are only configurable if PEAP is
selected.
Identity – This is the user identity for phase 2 authentication. The identity specified may contain
up to 63 ASCII characters, is case sensitive and takes the form of a Network Access Identifier,
consisting of <name of the user>@<user’s home realm>. The user’s home realm is optional and
is usually used to indicate to the authentication server that it should forward the authentication
request to another server which holds credentials for the indicated domain.
Password – The password used for the tunneled authentication protocol specified. It may contain
up to 63 ASCII characters and is case sensitive. The characters you enter will be replaced by
asterisks (“*”) while you type.
Authentication protocol – This parameter specifies the authentication protocol operating within
the secure tunnel.
