Protected Setup Pages
59
MVP-5200i Modero® ViewPoint® Touch Panel with Intercom - Instruction Manual
WPA-PSK Settings
In the
Wireless Security: Simple Mode
popup window (FIG. 61), press the
Security Type
field to select
WPA-PSK
.
WPA-PSK security is designed for environments where using WPA or WPA2 is desirable, but an 802.1x authentication server is not
available. PSK connections are more secure than WEP and are simpler to configure, since they implement dynamic keys but share a
key between the AP and the panel (client).
Using WPA-PSK, the encryption on the AP could either be WPA or WPA2. The firmware in the panel will automatically connect to the
AP using the correct encryption. The WPA encryption type is configured on the AP, not in the firmware.
APs do not display “WPA” or “WPA2” on their configuration screens:
WPA
is normally displayed as
TKIP
.
WPA2
is normally displayed as
AES
CCMP
.
The following fields are required:
SSID
and
Password/Pass Phrase
.
Enter the SSID of the AP.
Enter a pass phrase with a minimum of 8 characters and a maximum of 63.
The exact same pass phrase (including capitalization) must be entered in the access point.
Refer to the
Configuring Wireless Network Access
section on page 29 for details on these security options.
Refer to the
Using the Site Survey Tool
section on page 30 for more information on using this tool.
EAP Security & Server Certificates - Overview
The following EAP types all support a server certificate:
EAP-PEAP
EAP-TTLS
EAP-TLS
All three of these certificate-using security methods are documented in the following sections. EAP Authentication goes a step
beyond simply encrypting data transfers, but also requires that a set of credentials be validated before the client (panel) is allowed
to connect to the rest of the network (FIG. 63). Please note that no user intervention is necessary during this process, as it
proceeds automatically based on the configuration parameters entered into the panel.
A server certificate file uses a certificate installed in a panel so that the RADIUS server can be validated before the panel tries to
connect to it. The field name associated with this file is
Certificate Authority
.
If a server certificate is used, it should first be downloaded into the panel and the
Certificate Authority
field should then be set to
the name of that certificate file. No file path should be used for this setting, as all certificates are stored in a specific directory that
the user cannot control or change. The most secure connection method uses a server certificate.
If no server certificate will be used, this field should be left blank. If the field contains a file name, then a valid certificate file with
the same file name must be previously installed on the panel. Otherwise the authentication process will fail.
WPA-PSK Settings
SSID:
Opens an on-screen keyboard to enter the SSID name used on the target AP. The SSID is a unique name used by the AP,
and is assigned to all panels on that network. An SSID is required by the AP before the panel is permitted to join the
network.
• The SSID is case sensitive and must not exceed 32 characters.
• Make sure this setting is the same for all points in your wireless network.
• If this field is left blank, the panel will attempt to connect to the first available AP.
Password:
Opens an on-screen keyboard to enter a passphrase (password).
• This alpha-numeric string must use a minimum of 8 characters and a maximum of 63.
• The exact pass phrase string (including capitalization) must be entered on the target AP.
Cancel/Save: • Cancel - discard changes and return to the previous page.
•
Save
- store the new security information, apply changes, and return to the previous page.
FIG. 63
EAP security method in process
LAN
Client - Panel
(supplicant)
802.1x
(EAP over Wireless)
Authenticator
(Access Point)
Authentication Server
(RADIUS Server)
