Wireless Settings Page - Security Options - Eap-Tls - AMX NXT-CV10 Operation/Reference Manual

Firmware Pages and Descriptions
Wireless Security - EAP-TTLS Settings (Cont.)
Password:
Certificate Authority:
Inner Authentication Type:
Save/Cancel:

Wireless Settings Page - Security Options - EAP-TLS

EAP (Extensible Authentication Protocol) is a Enterprise authentication protocol that can be used in both a
wired and wireless network environment. EAP requires the use of an 802.1x Authentication Server, also
known as a Radius server. Most of the configuration fields described below take variable length strings as
inputs. Whenever these fields are selected, an on-screen keyboard appears which allows the string to then be
entered.
TLS (Transport Layer Security) was the original standard wireless LAN EAP authentication protocol. TLS
requires additional work during the deployment phase but provides additional security since even a
compromised password is not enough to break into an EAP-TLS protected wireless network environment.
An EAP-TLS security method is designed for wireless environments where its necessary to securely transmit
data over a wireless network by adding an additional level of security protocol via the use of a private key.
Refer to the EAP Authentication section on page 184 for further details on these security options. Refer to the
Using the Site Survey tool section on page 59 for more information on using this feature. Pressing the EAP-
TLS button opens the EAP-TLS Settings dialog (FIG. 113).
124
When pressed, the panel displays an on-screen keyboard which allows you
to enter the network password string specified for the user entered within the
Identity field. This is also how the panel identifies itself to the Authentication
(RADIUS) Server.
• This information is similar to the password entered to gain access to a
secured workstation.
• Use the on-screen keyboard's Clear button to completely erase any
previously stored passwords.
When pressed, the panel displays an on-screen Certificate Authority (CA)
File Location keyboard which allows you to enter the name of the certificate
authority file which is used to validate the server certificate.
This field is optional and can be left blank.
If a server certificate is used, it should first be downloaded into the panel and
the Certificate Authority field should then be set to the name of that certificate
file. No file path should be used for this setting as all certificates are stored in
a specific directory that the user cannot control or change.
• Use the on-screen keyboard's Clear button to completely erase any
previously stored network path information.
When pressed, this field cycles through the choices of available Inner
Authentication mechanism supported by the Devicescape Secure Wireless
Client:
• MSCHAPv2 (default because its the most common)
• MSCHAP
• PAP
• CHAP
• EAP-MSCHAPv2
• EAP-GTC
• EAP-OTP
• EAP-MD5-Challenge
• Use the Save button to store the new security information, incorporate it,
and then return to the previous Wireless Settings page.
• Use the Cancel button to cancel any updates to the security parameters
and return to the previous Wireless Settings page.
10" Modero Touch Panels