Setup Pages

EAP-PEAP Settings (Cont.)

Certificate Authority:

When pressed, the panel displays an on-screen Certificate Authority (CA)

 

File Location keyboard which allows you to enter the name of the certificate

 

authority file which is used to validate the server certificate. This field is

 

optional.

 

If a server certificate is used, it should first be downloaded into the panel and

 

the Certificate Authority field should then be set to the name of that certificate

 

file. No file path should be used for this setting as all certificates are stored in

 

a specific directory that the user cannot control or change.

 

Use the on-screen keyboard’s Clear button to completely erase any

 

 

previously stored network path information.

 

 

PEAP Version:

When pressed, this field cycles through the choices of available PEAP:

 

PEAPv0, PEAPv1, or PEAPv1 w/peaplabel=1.

 

 

Inner Authentication Type:

When pressed, this field cycles through the choices of available Inner

 

Authentication mechanisms supported by the Devicescape Secure Wireless

 

Client. The most commonly used are: MSCHAPv2 and GTC.

 

• MSCHAPv2 (used with PEAPv0)

 

• TLS

 

• GTC (used with PEAPv1)

 

• OTP

 

MD5-Challenge

 

 

 

Save/Cancel:

Save - store the new security information, apply changes, and return to

 

 

the previous page.

 

Cancel - discard changes and return to the previous page.

 

 

 

Refer to the EAP Authentication section on page 166 for further details on these security options. Refer to the Using the Site Survey tool section on page 18 for more information on using this feature.

EAP-TTLS Settings

TTLS (EAP Tunneled Transport Layer Security) is an authentication method that does not use a client certificate to authenticate the panel. However. this method is more secure than PEAP because it does not broadcast the identity of the user. Setup is similar to PEAP, but differs in the following areas:

An anonymous identity must be specified until the secure tunnel between the panel and the Radius server is setup to transfer the real identity of the user.

There is no end-user ability to select from the different types of PEAP. Additional Inner Authentication choices are available to the end-user.

EAP-TTLS security is designed for wireless environments where it is necessary to have the Radius server directly validate the identity of the client (panel) before allowing it access to the network. This validation is done by tunneling a connection through the WAP and directly between the panel and the Radius server. Once the client is identified and then validated, the Radius server disconnects the tunnel and allows the panel to access the network directly via the target WAP.

EAP-TTLS Settings

SSID (Service Set Identifier):

Opens an on-screen keyboard to enter the SSID name used on the target WAP.

The SSID is a unique name used by the WAP, and is assigned to all panels on that network. An SSID is required by the WAP before the panel is permitted to join the network.

The SSID is case sensitive and must not exceed 32 characters.

Make sure this setting is the same for all points in your wireless network.

NXA-WAP200Gs use AMX as their default SSID.

With EAP security, the SSID of the WAP must be entered. If it is left blank, the panel will try to connect to the first access point detected that supports EAP. However, a successful connection is not guaranteed because the detected WAP may be connected to a RADIUS server, which may not support this EAP type and/or have the proper user identities configured.

68

MVP-8400i 8.4" Modero® ViewPoint® Touch Panel with Intercom

Page 81 Page 83
Page 82
Image 82
AMX MVP-8400i manual EAP-TTLS Settings, PEAPv0, PEAPv1, or PEAPv1 w/peaplabel=1, Inner Authentication Type
Page 81 Page 83
Top Page Image Contents