Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless Features

WPA in action - Client "Enterprise" mode

As I previously described, the only differences between WPA-PSK and "normal" WPA is in where authentication itself takes place and the credentials used for authentication. In WPA-PSK mode, authentication takes place in the AP or wireless router, using the Pre-Shared Key manually entered in the AP and wireless clients as the credentials.

In "Enterprise" WPA, authentication is done in an authentication server using a variety of credential types including digital certificates, unique usernames and passwords, smart cards, or other forms of secure IDs. The AP or wireless router serves only to bridge the authentication traffic between the wireless and wired networks.

WPA uses EAP (Extensible Authentication Protocol) to enforce user-level authentication using the 802.1x Port-Based Network Access Control standard framework. EAP was designed to be extendable to support a variety of authentication methods and protocols. The exact methods supported depend on the client supplicant and authentication server used, and of course the method you select must be supported on both client and server!

As I noted earlier, it's turning out that WPA client supplicants are harder to implement than WLAN equipment vendors were led to believe. They're also sizable applications, since they contain most of the intelligence in authentication process. So the client end of things may end up determining the exact authentication methods used.

As Figure 9 shows, the Windows XP WPA patch supports only EAP-Transport Level Security (EAP-TLS) for certificate and smart card-based authentication and Protected EAP-Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MS-CHAP v2) for password-based authentication.

XP Client Authentication options

Figure 9: XP Client Authentication options

The Funk Odyssey and Meetinghouse AEGIS supplicants that some WLAN equipment vendors are either bundling or referring users to offer a wider choice of methods including EAP-TTLS, EAP-PEAP, EAP-TLS, Cisco's LEAP, and EAP-MD5.

That's about where I'm going to stop on this WPA mode, since the client side setup is very configuration and method dependent. Suffice it to say that if you're faced with setting up a client for WPA "Enterprise" mode, you'd better hope that your network administrator gives you clear instructions!

Now that you know what's involved in setting up WPA, it's time to finally see whether you'll be giving up throughput to use it!

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hello guys, I need suggestions and an honest opinion from you.I just moved to a new home and this is my current scenario:My current gig (Asus AiMesh):...
I have 2 RT-AC68Us with the second setup as an access point to cover more distance. Whenever I connect wirelessly to the AP, the speed is no more than...
Greetings everyone, this is my first post, but I follow this forum for quite some time.I have search the forum, but have found nothing or I did not se...
Hello,first - sorry for my english, but i can't find a forum like this.I'm sure that you can help me.I habe 2 Asus here. AC 68U (upstairs) and a new B...
Hello!It’s me and my new 231p2 again.Going to upgrade the ram to 4gb, would this 4gb crucial be ok??Don’t think I’ll need 8gb thoughThankshttps://www....

Don't Miss These

  • 1
  • 2
  • 3