258 Configuring an MX6 Radio for WPA
MX6 Reference Guide E-EQ-MX6RG-E-ARC
and types in as an extra layer of security before, for example, logging
into a network. Typically, the IDs change every 5 minutes or so, thus
constantly creating new user login/passcode combinations. A similar
mechanism for generating IDs is a smart card.
AP pre-shared key
Access Point passcode.
CA Root
Certificate
CA – Certification Authority. A trusted third-party organization or
company that issues digital certificates used to create digital signatures
and public-private key pairs. The role of the CA in this process is to
guarantee that the individual granted the unique certificate is, in fact,
who he or she claims to be. Usually, this means that the CA has an
arrangement with a financial institution, such as a credit card company,
which provides it with information to confirm an individual's claimed
identity. CAs are a critical component in data security and electronic
commerce because they guarantee that the two parties exchanging
information are really who they claim to be.
In Brief . . .
Note: Before setting WPA on an MX6 using the Pocket PC 2002 operating system, an OS
upgrade to Windows Mobile 2003 is required.
The MX6 uses an internal SyChip Pegasus radio and has the Meetinghouse supplicant installed.
To configure the radio for WPA functionality the Pegasus Settings configuration tool is used to
configure the AP density only. All WPA configuration is done with the Meetinghouse Aegis
supplicant.
See Also: Chapter 4 “System Configuration” section titled “Meetinghouse AEGIS Client”.
See Also: “LXE Security Primer” to prepare the Authentication Server and Access Point for
MX6 communication.
• set up an authentication profile for a user
• configure the authentication profile to skip server validation
• set up the radio profile to connect to AP network
• configure radio profile WPA settings
• once user is authenticated add server authentication
Prerequisites
• Encryption, authentication and data validation parameters have been set in the
Authentication Server that will be used to authenticate the MX6.
• Encryption, authentication and data validation parameters have been set in the Access
Point that will be used to manage traffic between the MX6 and the network.
• The companion parameters are ready to be added to the supplicant (MX6) to enable WPA
authentication, encryption and communication within the host system.
First . . .
1. Verify correct date and time on the MX6.
2. Install CA root certificate and RADIUS server certificate on the MX6. Note that WPA-PSK
does not require digital certificates.
3. Write down the Certificate issuer name. Write down the Server Name.
