Lan Settings, Eap-Ttls Security Mode - Barco CX-20 Installation Manual

Image 6–29 EAP-TLS — SCEP
SCEP ServerIP/ This is the IP or hostname of the Windows Server in your network running the NDES
hostname service. By default HTTP is used.
E.g.: http://myserver or http://10.192.5.1
SCEP User name This is a user in your Active Directory which has the required permission to access the
NDES service and request the challenge password. To be sure of this, the user should
be part of the CA Administrators group (in case of a stand-alone CA) or have enroll
permissions on the configured certificate templates.
SCEP Password The corresponding password for the identity that you are using to authenticate on the
corporate network. Per Base Unit, every Button uses the same identity and password
to connect to the corporate network.
Click on Save configuration to save the settings.

6.19 LAN Settings, EAP-TTLS security mode

About EAP-TTLS
EAP-TTLS (Tunneled Transport Layer Security) is an EAP implementation by Juniper networks. It is designed
to provide authentication that is as strong as EAP-TLS, but it does not require each user to be issued a
certificate. Instead, only the authentication servers are issued certificates. User authentication is performed by
password, but the password credentials are transported in a securely encrypted tunnel established based
upon the server certificates.
User authentication is performed against the same security database that is already in use on the corporate
LAN: for example, SQL or LDAP databases, or token systems. Since EAP-TTLS is usually implemented in
corporate environments without a client certificate we have not included support for this. If you prefer using
client certificates per user we suggest using EAP-TLS.
How to setup EAP-TTLS
1. Select Authentication Mode EAP-TTLS.
CX-20 Configurator
R5900102 /04 CX-20 85