beautypg.com

Certificate management – ProSoft Technology RLX2-IHNF-WC User Manual

Page 110

background image

RLX2 Industrial Hotspot Series

Page 110 of 212

ProSoft Technology, Inc.

June 15, 2015

Field

Description

Authentication Method:

The Authentication Method, sometimes referred to as the ‘inner protocol’
defines the mechanism used to authenticate the Supplicant of the RLX2 with
the RADIUS server. The following authentication methods are supported:

MS-CHAPv2 – Microsoft’s version of the ‘Challenge Handshake
Authentication Protocol’ (CHAP). This method provides mutual
authentication between the Supplicant and the RADIUS server,
using a user name and password and challenge text responses.

MD5 – ‘Message Digest’ cryptographic hashing algorithm based on
a user name and password.

TLS – Certificate-based inner authentication protocol.

User Name:

Enter the User Name of the account that is to be authenticated. When using
EAP-TLS, this represents the identity of the entity assigned to the device
certificate being used.

Password:

Required field when using EAP-PEAP or EAP-TTLS with MS-CHAPv2 or MD5.
Enter the password of the account corresponding to the user name.

Certificates

Opens a window that displays the current certificates installed in the RLX2,
and provides controls to upload new certificates into the unit. Note: The
RLX2 does not ship with any certificates installed.

Certificate Management

When using Enterprise-level security, some EAP methods require the use of X.509
certificates. The Certificate Management web page allows the uploading of certificate
files to the RLX2.

There are two certificate types; a certificate from a ‘Certification Authority’ used to
authenticate the RADIUS server to the RLX2 supplicant, and device or client certificate
created by the RADIUS server for the RLX2. The RLX2 is able to hold one of each
certificate type.

If PEAP authentication is used, you’ll need a CA Certificate (to authenticate the RADIUS
server) and a username and password.

If EAP-TLS is used, you’ll need a CA Certificate, a Client Certificate and Private Key
(contained in a single p12 file) to authenticate the client. The p12 file is encrypted and
requires a password.

The IT person will provide you with the appropriate files that you’ll need to load to the
RLX2 Repeater.

The following controls are used for uploading a certificate:

This manual is related to the following products:
See also other documents in the category ProSoft Technology Routers: