Chapter 1: Configuration
Configuring a RADIUS server
Page
1-285
TFTP
This option allows to Enable and Disable TFTP access to the Radio.
SM - Phase 1 (Outside Identity) parameters and settings
The protocols supported for the Phase 1 (Outside Identity) phase of authentication are
eapttls (Extensible Authentication Protocol Tunneled Transport Layer Security) and eapMSChapV2
(Extensible Authentication Protocol – Microsoft Challenge-Handshake Authentication Protocol).
Configure an outer Identity in the Username field. This must match the Phase 1/Outer Identity username
configured in the RADIUS server. The default Phase 1/Outer Identity Username is “anonymous”. The
Username can be up to 128 non-special (no diacritical markings) alphanumeric characters. If Realms are
being used in the RADIUS system (eapttls only), select Enable Realm and configure an outer identity in
the Identity field and a Realm in the Realm field. These must match the Phase 1/Outer Identity and Realm
configured in the RADIUS server. The default Identity is “anonymous”. The Identity can be up to 128 non-
special (no diacritical markings) alphanumeric characters. The default Realm is “canopy.net”. The Realm
can also be up to 128 non-special alphanumeric characters.
SM - Phase 2 (Inside Identity) parameters and settings
If using eapttls for Phase 1 authentication, select the desired Phase 2 (Inside Identity) authentication
protocol from the Phase 2 options of PAP (Password Authentication Protocol), CHAP (Challenge
Handshake Authentication Protocol), and MSCHAPv2 (Microsoft’s version of CHAP). The protocol must
be consistent with the authentication protocol configured on the RADIUS server. Enter a Username for
the SM. This must match the username configured for the SM on the RADIUS server. The default
Username is the SM’s MAC address. The Username can be up to 128 non-special (no diacritical markings)
alphanumeric characters.
Enter the desired password for the SM in the Password and Confirm Password fields. The Password
must match the password configured for the SM on the RADIUS server. The default Password is
“password”. The Password can be up to 128 non-special (no diacritical markings) alphanumeric
characters.
Handling Certificates
Managing SM Certificates via the SM GUI
The default public Canopy certificates are loaded into SMs upon factory software installation. The
default certificates are not secure and are intended for use during lab and field trials as part of gaining
experience with the RADIUS functionalities or as an option during debug. For secure operation, an
operator will want to create or procure their own certificates. Resetting a SM to its factory defaults will
remove the current certificates and restore the default certificates.
Up to two certificates can be resident on a SM. An installed certificate can be deleted by clicking the
Delete button in the certificate’s description block on the Configuration > Security tab. To restore the 2
default certificates, click the Use Default Certificates button in the RADIUS Certificate Settings
parameter block and reboot the radio.
To upload a certificate manually to a SM, first load it in a known place on your PC or network drive, then
click on a Delete button on one of the Certificate description blocks to delete a certificate to provide
space for your certificate. Click on Choose File, browse to the location of the certificate, and click the
Import Certificate button, and then reboot the radio to use the new certificate.
Summary of Contents for PMP 450 AP
Page 51: ...Chapter 1 Configuration Quick link setup Page 1 23 ...
Page 155: ...Chapter 1 Configuration Configuring security Page 1 127 ...
Page 163: ...Chapter 1 Configuration Configuring security Page 1 135 ...
Page 164: ...Chapter 1 Configuration Configuring security Page 1 136 ...
Page 193: ...Chapter 1 Configuration Configuring radio parameters Page 1 165 ...
Page 194: ...Chapter 1 Configuration Configuring radio parameters Page 1 166 ...
Page 195: ...Chapter 1 Configuration Configuring radio parameters Page 1 167 ...
Page 206: ...Chapter 1 Configuration Configuring radio parameters Page 1 178 ...
Page 210: ...Chapter 1 Configuration Configuring radio parameters Page 1 182 ...
Page 636: ...Chapter 5 Troubleshooting Logs Page 5 16 Figure 95 SM Authorization log ...