Eap-Ttls Settings - AMX MVP-5100 Operation/Reference Manual

EAP-TTLS Settings

In the Wireless Security: Enterprise Mode popup window (FIG. 53), press the Security Type field to select
EAP-TTLS.
TTLS (EAP Tunneled Transport Layer Security) is an authentication method that does not use a client
certificate to authenticate the panel. However. this method is more secure than PEAP because it does not
broadcast the identity of the user. Setup is similar to PEAP, but differs in the following areas:



EAP-TTLS security is designed for wireless environments where the Radius server needs to validate
directly the identity of the client (panel) before allowing it access to the network. This validation is done
by tunneling a connection through the AP and directly between the panel and the Radius server. Once the
client is identified and then validated, the Radius server disconnects the tunnel and allows the panel to
access the network directly via the target AP.
EAP-TTLS Settings
SSID:
Identity:
Anon. Identity:
Password:
MVP-5100/5150 5.2" Modero Viewpoint Touch Panels
An anonymous identity must be specified until the secure tunnel between the panel and the
Radius server is setup to transfer the real identity of the user.
There is no end-user ability to select from the different types of PEAP.
Additional Inner Authentication choices are available to the end-user.
Opens an on-screen keyboard to enter the SSID name used on the target AP.
The SSID is a unique name used by the AP, and is assigned to all panels on
that network. An SSID is required by the AP before the panel is
permitted to join the network.
• The SSID is case sensitive and must not exceed 32 characters.
• Make sure this setting is the same for all points in the wireless network.
• With EAP security, the SSID of the AP must be entered. If it is left blank, the
panel will try to connect to the first access point detected that supports
EAP. However, a successful connection is not guaranteed because the
detected AP may be connected to a RADIUS server, which may not
support this EAP type and/or have the proper user identities configured.
Opens an on-screen keyboard. Enter an EAP Identity string (used by the
panel to identify itself to an Authentication (RADIUS) Server).
Note: This information is similar to a username used to login to a secured
server or workstation. This works in tandem with the Password string which is
similar to the password entered to gain access to a secured workstation.
Typically, this is in the form of a username such as: jdoe@amx.com.
Opens an on-screen keyboard. Enter an IT provided alpha-numeric string
which (similar to the username) used as the identity, but that does not
represent a real user.
This information is used as a fictitious name which might be seen by sniffer
programs during the initial connection and setup process between the panel
and the Radius server. In this way the real identity (username) is protected.
Typically, this is in the form of a fictitious username such as:
anonymous@amx.com
Opens an on-screen keyboard. Enter the network password string specified
for the user entered within the Identity field (used by the panel to identify itself
to an Authentication (RADIUS) Server)
Note: This information is similar to the password entered to gain access to a
secured workstation.
Protected Setup Pages
73