Configure a WPA2 Enterprise Wireless Access Point Connection

The TST‑1080 supports Wi-Fi® network connections over a wireless access point (WAP) with WPA2 Enterprise encryption. Additional configuration steps are required to use the touch screen with the WPA2 Enterprise WAP, including loading 802.1X IEEE certificates to the touch screen.

To configure the touch screen to connect to a WPA2 Enterprise WAP:

1. Access the touch screen web configuration interface as described in Access the Web Configuration Interface.
2. Load the required 802.1X IEEE certificates to the touch screen as directed by your IT administrator:
1. Select Manage Certificates from the Action menu. The Manage Certificates dialog box is displayed.



2. Load the 802.1X IEEE root certificate for the WPA2 Enterprise WAP to the touch screen (required if using the PEAP, TTLS, and TLS Extensible Authentication Protocol (EAP) methods for authentication):
1. Select the Root tab (if is not already selected).



2. Select Add Root Certificate, and then add the root certificate as described in Add Certificate.
3. Load the 802.1X IEEE machine certificate for the WPA2 Enterprise WAP to the touch screen (required only if using the TLS EAP method for authentication):
1. Select the Machine tab.



2. Select Add Machine Certificate, and then add the machine certificate as described in Add Certificate.
3. Navigate to Settings > Network to display network settings for the touch screen.



4. In the Wi-Fi subsection, scan for and then select the WPA2 Enterprise WAP from the Select Discovered Access Points results to display the Connect to Access Point dialog box. The WAP can also be added manually in the table below this setting. For more information, refer to Network.



5. Enter the following information in the Connect to Access Point dialog box as directed by your IT administrator:

NOTE: The required information varies depending on the EAP method selected (PEAP, TLS, TTLS, or PWD).

• EAP Method: Select the EAP method used by the WPA2 Enterprise WAP from the drop-down menu (PEAP, TLS, TTLS, or PWD).
• Phase 2 Authentication: (PEAP and TTLS only) If applicable, enter the Phase 2 authentication type used by the WP2A Enterprise WAP (None or MSCHAPV2).
• CA Certificate: (PEAP, TLS, and TTLS only) Select the 802.1X IEEE root certificate that was loaded in step 2b above.
• User Certificate: (TLS only) Select the 802.1X IEEE machine certificate that was loaded in step 2c above.
• Identity: Enter the identity credentials used to authenticate against the WPA2 Enterprise WAP.
• Anonymous Identity: (PEAP and TTLS only) Enter an anonymous identify that will be used to obscure the provided identity during external authentication.
• Password: Enter the password for the WPA2 Enterprise WAP identity.
6. Select OK to save the WAP connection. The touch screen attempts to connect to the configured WPA2 Enterprise WAP immediately.

If the touch screen was connected to a different WAP prior to configuring the WPA2 Enterprise WAP connection, the touch screen will not connect to the WPA2 Enterprise WAP automatically. The previous WAP must be deleted first.

As a workaround (or during initial setup), the touch screen can also be connected to a computer via USB to expose its RDNS IP address. Use the Device Discovery Tool in Crestron Toolbox™ software to discover the touch screen and its local RDNS IP address, access the touch screen web configuration interface over that IP address, and then perform the procedure above. For more information, refer to the Crestron Toolbox help file.