User manual

Security
myUTN User Manual 99
Proceed as follows:
1. Start the myUTN Control Center.
2. Select SECURITY – Authentication.
3. Select TLS from the Authentication method list.
4. Click Save & Restart to confirm.
The settings are saved.
Configuring EAP-TTLS
Benefits and Purpose
EAP-TTLS (Tunneled Transport Layer Security) validates the identity
of devices or users before they gain access to network resources. You
can configure the UTN server for EAP-TTLS network authentication so
that it gets access to protected networks.
Basic Functions
EAP-TTLS consists of two phases:
- In phase 1, a TLS-encrypted channel is established between the UTN
  server and the RADIUS server. Only the RADIUS server authenticates
  itself, using a certificate that was signed by a CA. This process is
  also referred to as 'outer authentication'.
- In phase 2, an additional authentication method is used for the
  communication within the TLS channel. EAP-defined methods and older
  methods (CHAP, PAP, MS-CHAP and MS-CHAPv2) are supported. This
  process is also referred to as 'inner authentication'.
The advantage of this procedure is that only the RADIUS server
needs a certificate. Therefore, no PKI is needed for client
certificates. Moreover, TTLS supports most authentication protocols.
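The following is an added example, not taken from the manual or the UTN server's software. It shows how a phase 2 PAP credential is laid out inside the TLS channel, using the AVP format of RFC 5281. With PAP the password is carried in plain form inside the tunnel, so its protection rests entirely on the phase 1 check of the RADIUS server certificate. The account name and password are constructed sample values.

```python
import struct

AVP_USER_NAME = 1       # RADIUS attribute numbers reused as AVP codes
AVP_USER_PASSWORD = 2
FLAG_V = 0x80           # Vendor-ID field present
FLAG_M = 0x40           # mandatory flag (setting it is this example's choice)

def encode_avp(code, data, flags=FLAG_M):
    """code(4) | flags(1) | length(3) | data | zero padding to 4 bytes."""
    length = 8 + len(data)                      # length excludes the padding
    header = struct.pack("!IB", code, flags) + length.to_bytes(3, "big")
    return header + data + b"\x00" * (-length % 4)

def pap_payload(user, password):
    """Phase 2 PAP: User-Name plus User-Password, null-padded to 16 bytes."""
    pw = password.encode()
    pw += b"\x00" * (-len(pw) % 16)             # hides the exact password length
    return (encode_avp(AVP_USER_NAME, user.encode())
            + encode_avp(AVP_USER_PASSWORD, pw))

def decode_avps(buf):
    """Parse a phase 2 payload into (code, flags, data); reject bad lengths."""
    avps, off = [], 0
    while off < len(buf):
        if len(buf) - off < 8:
            raise ValueError("truncated AVP header")
        code, flags = struct.unpack_from("!IB", buf, off)
        length = int.from_bytes(buf[off + 5:off + 8], "big")
        hdr = 12 if flags & FLAG_V else 8       # skip Vendor-ID when present
        if length < hdr or off + length > len(buf):
            raise ValueError("AVP length out of range")
        avps.append((code, flags, buf[off + hdr:off + length]))
        off += length + (-length % 4)           # step over the padding
    return avps

# Constructed sample credentials for a UTN server account on the RADIUS server.
SAMPLE = pap_payload("utn-server-01", "Constructed-Pass1")

if __name__ == "__main__":
    for code, flags, data in decode_avps(SAMPLE):
        print(code, hex(flags), data)
```
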
Requirements
- The UTN server is defined as a user (with user name and password)
  on a RADIUS server.
Proceed as follows:
1. Start the myUTN Control Center.
2. Select SECURITY – Authentication.