Eap Communication Overview - AMX NXD-1000Vi Operation/Reference Manual

10" modero wall/flush mount touch panel with intercom

EAP Communication Overview

EAP authentication goes a step beyond just encrypting data transfers: it also requires that a set of credentials be validated before the client (panel) is allowed to connect to the rest of the network (FIG. 105).
It is important to note that there is no user intervention necessary during this process. It proceeds automatically based on the configuration parameters entered into the panel.
FIG. 105 EAP security method in process (diagram labels: Client - Panel (supplicant); 802.1x (EAP over Wireless); Authenticator (WAP); LAN; Authentication Server (RADIUS Server))

1. The client (panel) establishes a wireless connection with the WAP specified by the SSID.
2. The WAP opens up a tunnel between itself and the RADIUS server configured via the access point.
   This tunnel means that packets can flow between the panel and the RADIUS server but nowhere else. The network is protected until authentication of the client (panel) is complete and the ID of the client is verified.
3. The WAP (Authenticator) sends an "EAP-Request/Identity" message to the panel as soon as the wireless connection becomes active.
4. The panel then sends an "EAP-Response/Identity" message through the WAP to the RADIUS server providing its identity and specifying which EAP type it wants to use.
5. If the EAP type is supported, the server then sends a message back to the client (panel) indicating what information it needs.
   This can be as simple as a username (Identity) and password or as complex as multiple CA certificates.
6. The panel then responds with the requested information.
   If everything matches, and the panel provides the proper credentials, the RADIUS server then sends a success message to the access point instructing it to allow the panel to communicate with other devices on the network.
   At this point, the WAP completes the process for allowing LAN access to the panel (possibly a restricted access based on attributes that came back from the RADIUS server).
   As an example, the WAP might switch the panel to a particular VLAN or install a set of firewall rules.

If the server does not support the EAP type, then it sends a failure message back to the WAP, which will then disconnect the panel.
As an example, EAP-FAST is only supported by the Cisco server.

Appendix D - Wireless Technology
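The messages named in steps 3 through 6 can be recognized on the wire from the EAP packet header. The following is an added example, not taken from the AMX manual: a minimal decoder for the EAP header layout defined in RFC 3748, run over a constructed trace of a successful exchange. The identity `panel-01`, the choice of PEAP as the method, and the helper names are assumptions made for illustration.

```python
import struct

CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
# Method type numbers from the IANA EAP registry (subset).
TYPES = {1: "Identity", 3: "Nak", 13: "EAP-TLS", 21: "EAP-TTLS", 25: "PEAP", 43: "EAP-FAST"}

def parse_eap(pkt: bytes) -> dict:
    """Decode one EAP packet: Code(1) Identifier(1) Length(2) [Type(1) Data]."""
    if len(pkt) < 4:
        raise ValueError("truncated EAP header")
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if code not in CODES:
        raise ValueError(f"unknown EAP code {code}")
    if length < 4 or length > len(pkt):
        raise ValueError("length field does not match packet size")
    msg = {"code": CODES[code], "id": ident, "type": None, "data": b""}
    if code in (1, 2):  # only Request/Response carry a Type field
        if length < 5:
            raise ValueError("Request/Response without Type byte")
        msg["type"] = TYPES.get(pkt[4], f"type-{pkt[4]}")
        msg["data"] = pkt[5:length]  # bytes past Length are padding, ignored
    return msg

def eap(code, ident, typ=None, data=b""):
    """Build a packet for the sample trace (hypothetical helper, constructed data)."""
    body = b"" if typ is None else bytes([typ]) + data
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body

def summarize(trace):
    """Return (identity, method, outcome) for one authentication exchange."""
    identity = method = None
    outcome = "incomplete"
    for msg in map(parse_eap, trace):
        if msg["code"] == "Response" and msg["type"] == "Identity":
            identity = msg["data"].decode("utf-8", "replace")
        elif msg["code"] == "Request" and msg["type"] != "Identity":
            method = msg["type"]  # method the server asks the panel to run
        elif msg["code"] in ("Success", "Failure"):
            outcome = msg["code"]
    return identity, method, outcome

# Constructed trace following steps 3-6 (identity and method are assumptions).
SAMPLE = [
    eap(1, 1, 1),               # WAP -> panel: EAP-Request/Identity
    eap(2, 1, 1, b"panel-01"),  # panel -> RADIUS: EAP-Response/Identity
    eap(1, 2, 25, b"\x20"),     # RADIUS -> panel: method request (opaque data)
    eap(2, 2, 25, b"\x00"),     # panel -> RADIUS: method response (opaque data)
    eap(3, 2),                  # RADIUS -> panel via WAP: EAP-Success
]
```

`summarize(SAMPLE)` reports the identity, the requested method and the final outcome; a trace that ends in code 4 instead of code 3 corresponds to the failure case in which the WAP disconnects the panel.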
