Silex technology SX-560 Realm, Password, Authentication Protocol, Authentication Certificate

Realm

A realm defines a grouping of users. If a realm is required for your network, it is separated from the user ID by a '@' character. A realm makes it easier to segregate user groups into independently administered databases, to apply policies on a user group basis, and to establish roaming agreements. The default realm if not specified is 'anonymous'. Enter the realm on the Configure Network Security screen in the SX-560 internal web pages, or use the console command SET NW REALM <realm>, where <realm> is the name of the realm.

Password

This parameter is the logon password that the server uses to authenticate to the 802.1x-enabled network. The user ID and password must be in the authentication server database. The password may be a text string, or a string of hex bytes. Enter the password on the Configure Network Security screen in the SX- 560 internal web pages, or use the console command SET NW PW <password>, where <password> is the password (default value is anonymous).

Authentication Protocol

This parameter determines how the server authenticates itself to the 802.1x-enabled network after an 802.1x session is established. The default is PAP; MSCHAP_V2 is the alternative protocol. Select the desired protocol on the Configure Network Security screen in the SX-560 internal web pages, or use the console command SET NW INAP <password>, where <password> is PAP or MSCHAP_V2.

Authentication Certificate

Authentication certificates are used by TLS and PEAP. You can enter the certificate from a file on your disk using the SX-560 web browser interface as follows:

1.Log into the web browser interface as described in Chapter 3

2.Click Wireless on the left side of the screen

3.Click Configure Network Security

4.Click Configure Authentication Server Certificate

5.Click Browse and select the file on your computer that contains the certificate

6.Click Submit

Private Key (TLS Wireless Security Only)

Private key information or the corresponding public key certificate for the SX-560 can be loaded from disk (Private Key Information File) or manually entered. If the file is encrypted, you must enter the passphrase in the passphrase entry field on the Configure Private Key page in the internal web pages of the SX-560 (NOTE: At present, only PEM format files are supported). To manually generate a self-signed certificate for the SX-560, the following information is required:

•Certificate Common Name

•Organization name

•Organization unit

•City name

•State name

•Country name

•Key Size (1024 or 2048)

You may enter this information on the Configure Private Key page in the internal web pages of the SX- 560 (it cannot be entered via console commands).