4. ClickShare installation
•Thefirst and foremost one in case of a typical corporate network setup is WPA2-Enterprise with 802.1X.
• As we also want to support smaller organizations which might have a more traditional W i-Fi setup, there is also support for
WPA 2-PSK also know n a s WPA2-Personal.
Both m odes are based on Wi-Fi Protected Access (WPA). If we mention WPA 2, we are talking ab out WPA 2 as an improved version
of the original WPA standard which adds AES encryption to improve s ecurity.
About WPA2-Enterprise wi th 802.1X
WPA2-Enterprise relies on server (using RADIUS) to authenticate eac h individual clie nt on the network. To do this authentication,
802.1x is us ed (also known as port based Ne twork Access Control). 802.1x encapsulates the Extensible Authentication P rotocol
(EAP) for use on local area networks. This is also known as “E AP over LAN” or EAPoL. Using RAD IUS, these E AP ol m ess ages will
be r outed through the network in order to authenticate the c lient dev ice on the ne twork. In case of ClickShare, these are the Buttons.
The 802.11i (WPA 2) standard defi nes a number of re quired EAP methods. Not all of them a re used extensively in the field and som e
other ones (wh ich are not in the standard) are us ed much more often. Th e most widely us ed EAP m ethods.used in the ClickShare
system a re :
•EAP-TLS
•PEAP
•EAP-TTLS
More detailed information can be found in the ClickShare Web Interface, c orporate network setup.
About WPA2-Personal
Pre-shared key mode (WPA2-PSK) is the default security method used in most consumer and small business Wi-Fi setups which
doesn’t require the extended complexity and features of 802.1X. PSK mode is also known as “personal” mode. Although less secure
than 802.1X, P SK m ode with smaller business setups in m ind is supported.
Considerations
When deciding to integrate t he ClickShare system in to you r corporate network there are a few things to consider up-front.
• Make s ure that all your Base Units can be co nnected to your network via the wi
red Ethernet interface.
• Take into account the amount of bandwidth that e ach button needs to stream the captured screen c ontent to the Base Unit.
Typic ally this will be somewhe re in between 5 and 15 Mbps. So, prevent bottlenecks in your network (eg. 100 Mbps switches)
that could potentially degrade your ClickShare experience due to a lack of bandwidth.
Network prerequisite
Once you enable the corporate network, the internal Wi-Fi access point of the ClickShare B ase Unit is disa bled. Make sure your
Base Unit is connected to the cor porate network via its wired Ethernet interface.
Firewall prerequisite
To ensure you can succes sfully share content via the ClickShare Button, ClickShare iOS App or A ndroid ClickShare P resenter App
to the B ase Unit make sure following ports are open on your network:
Sender CSM Base Unit CSC Base Unit
ClickShare Button TCP : 16 88-1689; 3268; 8080;
UDP: 1047-1049
TCP: 9876
ClickShare P resenter (iOS) TCP/UDP: 9870 TCP/UDP: 9870
ClickShare Presenter (Android) TCP/UDP: 9 870 TC P/UDP: 9870
AirPlay n/a TCP: 7000; 47000; 4100-4200;
UDP: 4100; 4200
VLAN prerequisite
A lot of corporate networks are being divided into multiple VLANs – for example to separate BYO D (Bring Your O wn Device) traffic
from the “core” corporate n etwork. Take this into consideration when integrating C lickShare into your network. ClickShare Buttons
connecting to y our wireless infrastructure should be able to connect to the Base Units. Furthermore if you want to use the m obile
apps, also those devices should be able to reach the Base Units.
DNS prerequisite
In order for the Buttons to be able to stream their content to the Base Unit they have to be able to resolve the Base Unit’s hos tname
within the network.
NTP prerequisite
When using EAP-TLS, you must also configur
e NTP on the Base Unit. This can be done via the ClickShare Web interface on the
Base Unit. It is necessary for the Base Unit to have the correct time to handle the certificates required for EAP-TL S. Preferably you
should use a NTP s erver on the local corporate network with a high availability. Be advised that when using a NTP server on the
internet, it’s not possible f or t
he Base Unit to connect through a proxy ser ver.
R5900004 CLICKSHARE 23/12/2014
33
To Next Page
Loading...
Need help?
General
