Eap Security & Server Certificates - Overview - AMX MVP-9000i-GB Instruction Manual

APs do not display "WPA" or "WPA2" on their configuration screens:
WPA is normally displayed as TKIP.

WPA2 is normally displayed as AES CCMP.

The following fields are required: SSID and Password/Pass Phrase.
Enter the SSID of the AP.

Enter a pass phrase with a minimum of 8 characters and a maximum of 63.

The exact same pass phrase (including capitalization) must be entered in the access point.

WPA-PSK Settings
SSID
(Service Set Identifier):
Password:
Cancel/Save:
Refer to the Conf iguring Wireless Network Access section on page 33 for details on these security options.

Refer to the Using the Wireless Site Survey Tool section on page 34 for more information on using this tool.

EAP Security & Server Certif icates - Overview
The following EAP types all support a server certificate:
EAP-PEAP

EAP-TTLS

EAP-TLS

All three of these certificate-using security methods are documented in the following sections. EAP Authentication goes a step
beyond simply encrypting data transfers, but also requires that a set of credentials be validated before the client (panel) is allowed
to connect to the rest of the network (FIG. 78). Please note that no user intervention is necessary during this process, as it
proceeds automatically based on the configuration parameters entered into the panel.
Client - Panel
(supplicant)
EAP security method in process
FIG. 78
A server certificate file uses a certificate installed in a panel so that the RADIUS server can be validated before the panel tries to
connect to it. The field name associated with this file is Certif icate Authority.
If a server certificate is used, it should first be downloaded into the panel and the Certif icate Authority field should then be set to
the name of that certificate file. No file path should be used for this setting, as all certificates are stored in a specific directory that
the user cannot control or change. The most secure connection method uses a server certificate.
If no server certificate will be used, this field should be left blank. If the field contains a file name, then a valid certificate file with
the same file name must be previously installed on the panel. Otherwise the authentication process will fail.
MVP-9000i - Instruction Manual
Opens an on-screen keyboard to enter the SSID name used on the target AP. The SSID is a unique name used by
the AP, and is assigned to all panels on that network. An SSID is required by the AP before the panel is permitted
to join the network.
• The SSID is case sensitive and must not exceed 32 characters.
• Make sure this setting is the same for all points in your wireless network.
Opens an on-screen keyboard to enter a passphrase (password).
• This alpha-numeric string must use a minimum of 8 characters and a maximum of 63.
• The exact pass phrase string (including capitalization) must be entered on the target AP.
• Cancel - discard changes and return to the previous page.
• Save - store the new security information, apply changes, and return to the previous page.
802.1x
(EAP over Wireless)
Authenticator
(Wireless Access Point)
LAN
Authentication Server
(RADIUS Server)
Protected Setup Pages
64