R5900087 /04
ClickShare CSE-200+
69
Using SCEP
The Simple Certificate Enrolment Protocol (SCEP) is a protocol which enables issuing and revoking of
certificates in a scalable way. SCEP support is included to allow a quicker and smoother integration of the
ClickShare Base Unit and Buttons into the corporate network. Since most companies are using Microsoft
Windows Server and its active directory (AD) to manage users and devices our SCEP implementation is
specifically targeted at the Network Device Enrolment Service (NDES) which is part of Windows Server 2008
R2 and Windows Server 2012. No other SCEP server implementations are supported.
Image 6-23: WiFi Settings, Wireless Client, EAP-TLS, SCEP
SCEP ServerIP/
hostname
This is the IP or hostname of the Windows Server in your network running the NDES
service. By default HTTP is used.
E.g.: http://myserver or http://10.192.5.1
SCEP User name
This is a user in your Active Directory which has the required permission to access the
NDES service and request the challenge password. To be sure of this, the user should
be part of the CA Administrators group (in case of a stand-alone CA) or have enroll
permissions on the configured certificate templates.
SCEP Password
The corresponding password for the identity that you are using to authenticate on the
corporate network. Per Base Unit, every Button uses the same identity and password
to connect to the corporate network.
Click
Save Changes
to save the settings.
6.14 WiFi settings, Wireless Client, EAP-TTLS
About EAP-TTLS
EAP-TTLS (Tunneled Transport Layer Security) is an EAP implementation by Juniper networks. It is designed
to provide authentication that is as strong as EAP-TLS, but it does not require each user to be issued a
certificate. Instead, only the authentication servers are issued certificates. User authentication is performed by
password, but the password credentials are transported in a securely encrypted tunnel established based
upon the server certificates.
User authentication is performed against the same security database that is already in use on the corporate
LAN: for example, SQL or LDAP databases, or token systems. Since EAP-TTLS is usually implemented in
corporate environments without a client certificate we have not included support for this. If you prefer using
client certificates per user we suggest using EAP-TLS.
How to start up for EAP-TTLS
1.
Log in to the
Configurator
.
2.
Click
Wi-Fi & Network
→
WiFi Settings
.
3.
When the Operational Mode is
Wireless Client
, select
Authentication Mode
. Click on the drop down list and
select
EAP-TTLS
.
Summary of Contents for ClickShare CSE-200+
Page 1: ...ENABLING BRIGHT OUTCOMES Installation manual ClickShare CSE 200...
Page 101: ...101 R5900087 04 ClickShare CSE 200 Firmware updates 7...
Page 103: ...103 R5900087 04 ClickShare CSE 200 Troubleshooting 8...
Page 107: ...107 R5900087 04 ClickShare CSE 200 Environmental information 9...
Page 111: ...R5900087 04 ClickShare CSE 200 111 Environmental information...