Eap-Fast - AMX MVP-9000i-GB Instruction Manual

EAP-LEAP sample Cisco System Security page
FIG. 80

EAP-FAST

From the Security Modes options, press the Enterprise button to open the Wireless Security: Enterprise Mode page. Scroll through
the Security Type options to select EAP-FAST (FIG. 81).
Wireless Security: Enterprise Mode - EAP-FAST
FIG. 81
EAP-FAST (Flexible Authentication via Secure Tunneling) security was designed for wireless environments where security and ease
of setup are equally desirable. EAP-FAST uses a certificate file, however it can be configured to download the certificate
automatically the first time the panel attempts to authenticate itself. Automatic certificate downloading is convenient but slightly
less secure, since its the certificate is transferred wirelessly and could theoretically be "sniffed-out".
EAP-FAST
SSID
(Service Set Identifier):
Identity:
Anonymous Identity:
Password:
MVP-9000i - Instruction Manual
Opens an on-screen keyboard to enter the SSID name used on the target AP.
The SSID is a unique name used by the AP, and is assigned to all panels on that network. An SSID is required by
the AP before the panel is permitted to join the network.
• The SSID is case sensitive and must not exceed 32 characters.
• Make sure this setting is the same for all points in the wireless network.
• With EAP security, the SSID of the AP must be entered. If it is left blank, the panel will try to connect to the first
access point detected that supports EAP. However, a successful connection is not guaranteed because the
detected AP may be connected to a RADIUS server, which may not support this EAP type and/or have the
proper user identities configured.
Opens an on-screen keyboard to enter an EAP Identity string (used by the panel to identify itself to an
Authentication (RADIUS) Server).
Note: This information is similar to a username used to login to a secured server or workstation. This works in
tandem with the Password string which is similar to the password entered to gain access to a secured workstation.
Typically, this is in the form of a username such as: jdoe@amx.com.
Opens an on-screen keyboard to enter an IT provided alphanumeric string which (similar to the username) is
used as the identity, but that does not represent a real user.
This information is used as a fictitious name which might be seen by sniffer programs during the initial
connection and setup process between the panel and the Radius server. In this way the real identity (username)
is protected. Typically, this is in the form of a fictitious username, such as anonymous@amx.com
Opens an on-screen keyboard. Enter the network password string specified for the user entered within the
Identity field (used by the panel to identify itself to an Authentication (RADIUS) Server)
Note: This information is similar to the password entered to gain access to a secured workstation.
Protected Setup Pages
66