Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

125

Stratix 5100 Device Manager Parameter Definitions

Chapter 4

Table 35 - AP Authentication General Set-up Page Parameter Descriptions

Parameter

Description

Current Credentials

Choose <NEW> if you want to add a dot1x credentials profile.

Credentials Name

Enter a name for the dot1x credentials profile if you are adding a new profile. You
can change the name if you have chosen an existing profile.

Username

Enter the authentication user id.

Password

Enter the authentication password.

Anonymous ID

Enter the anonymous identity to be used. Depending on your network
authentication requirements, you can configure an anonymous ID instead of a
username and password.

Trustpoint

Router certificates and the associated CA certificate are managed through a
trustpoint. Enter the default pki-trustpoint. Enter the trustpoint if one is required
for network authentication.

Define Trustpoints

If you need to define a trustpoint, click the link to go to the AP Authentication -
Certificates page where you can configure the parameters for the trustpoint.

Authentication Methods Profile

Credential profiles are applied to an interface or an SSID in the same way. When an
access point connects to the network, the access point and the network
authentication device negotiate to agree upon an authentication method
supported by both devices to complete authentication. An authentication methods
profile is used to restrict the types of authentication that the access point agrees to
use. If you wish to restrict the authentication types used to authenticate to the
network, define an authentication methods profile and assign it to the relevant
SSIDs or GigabitEthernet interface. The restriction can be required to prevent the
network authentication server and the access point from negotiating an
authentication method such as LEAP rather than a more secure authentication
method such as EAP-FAST.

Current Authentication Methods
Profile

Choose <NEW> if you want to add an authentication methods profile.

Profile Name

Enter a name for the authentication methods profile if you are adding a new
profile. You can change the name if you have chosen an existing profile.

Authentication Methods

Choose the authentication methods that the access point needs to use to
authenticate to the network. By choosing a strong authentication method, you can
prevent the access point from allowing weaker authentication methods to be
approved. For example, if a RADIUS server supports EAP-FAST and LEAP, under
certain configurations, the server can initially employ LEAP instead of a more
secure method. If no preferred method list is defined in this parameter, LEAP can
be chosen rather than the stronger, more advantageous EAP-FAST.