Eap-Tls Settings - AMX MVP-5100 Operation/Reference Manual

EAP-TLS Settings

In the Wireless Security: Enterprise Mode popup window (FIG. 53), press the Security Type field to select
EAP-TLS.
TLS (Transport Layer Security) was the original standard wireless LAN EAP authentication protocol.
TLS requires additional work during the deployment phase, but provides additional security since even a
compromised password is not enough to break into an EAP-TLS protected wireless network
environment.
EAP-TLS security is designed for wireless environments where it is necessary to securely transmit data
over a wireless network by adding an additional level of security protocol via the use of a private key.
EAP-TLS Settings
SSID:
Identity:
Certificate Authority:
Client Certificate:
Private Key:
Private Key password:
MVP-5100/5150 5.2" Modero Viewpoint Touch Panels
Opens an on-screen keyboard for entering the SSID name used on the target
AP. The SSID is a unique name used by the AP, and is assigned to all panels
on that network. An SSID is required by the AP before the panel is permitted
to join the network.
• The SSID is case sensitive and must not exceed 32 characters.
• Make sure this setting is the same for all points in the wireless network.
• With EAP security, the SSID of the AP must be entered. If it is left blank, the
panel will try to connect to the first access point detected that supports
EAP. However, a successful connection is not guaranteed because the
detected AP may be connected to a RADIUS server, which may not
support this EAP type and/or have the proper user identities configured.
Opens an on-screen keyboard for entering an EAP Identity string (used by
the panel to identify itself to an Authentication (RADIUS) Server).
Note: This information is similar to a username used to login to a secured
server or workstation. This works in tandem with the Password string, which
is similar to the password entered to gain access to a secured workstation.
Typically, this is in the form of a username such as: jdoe@amx.com.
When pressed, the panel displays an on-screen Certificate Authority (CA)
File Location keyboard, for entering the name of the certificate authority file
which is used to validate the server certificate.
This field is optional.
If a server certificate is used, it should first be downloaded into the panel and
the Certificate Authority field should then be set to the name of that certificate
file. No file path should be used for this setting, as all certificates are stored in
a specific directory that the user cannot control or change.
• Use the on-screen keyboard's Clear button to completely erase any
previously stored network path information.
Opens an on-screen keyboard for entering the name of the file containing the
client (panel) certificate for use in certifying the identity of the client (panel).
• Refer to the Client certificate configuration section on page 77 for
information regarding Client Certificates and their parameters.
When pressed, the panel displays an on-screen Client Private Key File
Location keyboard for entering the name of the file containing the private key.
• Use the on-screen keyboard's Clear button to completely erase any
previously stored network path information.
This field should only be used if the Private Key is protected with a password.
If no password protection is associated with the Private Key, then this field
should be left blank .
• When pressed, the panel displays an on-screen Private Key Password
keyboard which allows you to enter an alpha-numeric password string.
• Use the on-screen keyboard's Clear button to completely erase any
previously stored network path information.
Protected Setup Pages
75