Firmware Pages and Descriptions

TTLS (EAP Tunneled Transport Layer Security) was an authentication method, like PEAP, that does not use a client certificate to authenticate the panel. This method is more secure than PEAP in that it does not broadcast the identity of the user. The setup, although similar to PEAP, differs in the following areas:

An anonymous identity MUST be specified until the secure tunnel between the panel and the Radius server is setup to transfer the real identity of the user.

There is no end-user ability to select from the different types of PEAP.

Additional Inner Authentication choices are available to the end-user.

An EAP-TTLS security method is designed for wireless environments where its necessary to first have the Radius server directly validate the identity of the client (panel) before allowing it access to the network. This validation is done by tunneling a connection through the WAP and directly between the panel and the Radius server. By initially keeping the network out of the picture, there is far more security validation going on behind the scenes before any possible access to the network is granted to the client. Once the client is identified and then validated, the Radius server disconnects the tunnel and allows the panel to access the network directly via the target WAP. Refer to the EAP Authentication section on page 205 for further details on these security options. Refer to the Using the Site Survey tool section on page 61 for more information on using this feature. Pressing the EAP-TTLSbutton opens the EAP- TTLS Settings dialog (FIG. 110).

Required Information:

-SSID (Network Name used by the Target WAP)

-Identity (similar to the Username used for network access)

-Password (similar to the Password used for network access)

-Inner Authentication Type (supported by Devicescape)

FIG. 110 Wireless Settings page - EAP-TTLS security method

Wireless Security - EAP-TTLS Settings

SSID (Service Set Identifier):

The SSID is the unique name used on the WAP and then assigned to all panels in a wireless network that are communicating to the same target WAP.

This is required by the WAP before the panel is permitted to join the wireless network.

It is case sensitive and must not exceed 32 characters, which may be any keyboard character. Make sure this setting is the same for all points in your wireless network.

This unique string identifies the network and is the same string for all users on the same network.

Use the on-screen keyboard’s Clear button to completely erase any previously stored SSID information.

Note: In all cases, the SSID of the WAP must be entered. If it is left blank, the panel will try to connect to the first access point which can be found that supports EAP. In this situation however, a successful connection is not guaranteed because the identified WAP may be connected to a RADIUS server which does not support the specified EAP type and/or may not have the proper user identities configured.

7" Modero Widescreen Touch Panels

127

 

 

Page 137
Image 137
AMX CV7 manual Wireless Security EAP-TTLS Settings, Wireless Settings page EAP-TTLS security method