Eap-Leap - AMX MVP-9000i-GB Instruction Manual

EAP-LEAP

From the Security Modes options, press the Enterprise button to open the Wireless Security: Enterprise Mode page. Scroll through
the Security Type options to select EAP-LEAP (FIG. 79).
Wireless Security: Enterprise Mode - EAP-LEAP
FIG. 79
EAP (Extensible Authentication Protocol) is an Enterprise authentication protocol that can be used in both wired and wireless
network environments. EAP requires the use of an 802.1x Authentication Server, also known as a Radius server. The configuration
fields described below take variable length strings as inputs. An on-screen keyboard is opened when these fields are selected.
LEAP (Lightweight Extensible Authentication Protocol) was developed to transmit authentication information securely in a wireless
network environment.
NOTE: LEAP does not use client (panel) or server (RADIUS) certif icates, and is therefore one of the least secure EAP security methods.
However, it can be utilized successfully by implementing suff iciently complex passwords.
EAP-LEAP security is designed for wireless environments where having a client or server certificate validation scheme in place is
not required, yet necessary to transmit data securely over a wireless network.
EAP-LEAP
SSID
(Service Set Identifier):
Identity:
Password:
Key Mgmt:
Cancel/Save:
Refer to the EAP Authentication section on page 146 for further details on these security options.

Refer to FIG. 80 for an example of how a typical EAP-LEAP system configuration page should appear.

MVP-9000i - Instruction Manual
Opens an on-screen keyboard to enter the SSID name used on the target AP.
The SSID is a unique name used by the AP, and is assigned to all panels on that network. An SSID is required by
the AP before the panel is permitted to join the network.
• The SSID is case sensitive and must not exceed 32 characters.
• Make sure this setting is the same for all points in the wireless network.
• With EAP security, the SSID of the AP must be entered. If it is left blank, the panel will try to connect to the first
access point detected that supports EAP. However, a successful connection is not guaranteed because the
detected AP may be connected to a RADIUS server, which may not support this EAP type and/or have the
proper user identities configured.
Opens an on-screen keyboard. Enter an EAP Identity string (used by the panel to identify itself to an
Authentication (RADIUS) Server).
Note: This information is similar to a username used to login to a secured server or workstation. This works in
tandem with the Password string which is similar to the password entered to gain access to a secured workstation.
Typically, this is in the form of a username such as jdoe@amx.com.
Opens an on-screen keyboard. Enter the network password string specified for the user entered within the
Identity field (used by the panel to identify itself to an Authentication (RADIUS) Server)
Note: This information is similar to the password entered to gain access to a secured workstation.
This button has 4 options:
WPA-EAP: The default and most common setting for EAP authentication methods. Accepts WPA, WPA2 & TKIP,
or AES.
8021X: Used to specify IEEE 802.1x port authentication only.
CCKM-WPA: Cisco key management option. Used with CCKM and WPA (TKIP encryption only) authentication.
CCKM-WPA2: Cisco key management option. Used with CCKM and WPA2 (AES encryption only)
authentication.
Note: The Key Mgmt selection must match the security settings on the AP in order for the connection to be
successful.
• Cancel - discard changes and return to the previous page.
• Save - store the new security information, apply changes, and return to the previous page.
Protected Setup Pages
65