802.1X Configuration
System Administrator Guide
4-14
802.1X Configuration
Introduction to 802.1X and EAP
The 802.1X IEEE standard defines port-based, authenticated network access control for
Ethernet local area networks (LANs). With 802.1X, the user or device must pass network
access control by successfully authenticating with credentials, such as a name and password,
or network access is denied. 802.1X uses the Extensible Authentication Protocol (EAP) to
relay port access requests between LAN stations/the clients being authenticated (supplicants),
Ethernet switches or wireless access points (authenticators) and RADIUS servers
(authentication servers).
EAP is the standard authentication mechanism carried over 802.1X. The EAP method is an
inner authentication protocol that provides the secure mechanism for the authentication
exchange. Multiple EAP methods can be used. EAP methods are defined in International
Engineering Task Force (IETF) Requests for Comments (RFC) documents, RFC drafts, or
they can be proprietary. EAP methods have a significant influence on how your network is
designed and implemented, because not all supplicants, not all access points, and not all
RADIUS servers support all EAP methods. A careful evaluation of standards can help with
selecting appropriate LAN components that will avoid vendor lock-in or dead-end technology.
802.1X Configuration in CentreWare IS
Use the 802.1X configuration pages in CentreWare IS to perform the following tasks.
Required information varies depending on the EAP method(s) that you select.
Note:
Access to the 802.1x configuration pages in CentreWare IS can be restricted by the
passwords and feature authorization settings under Administrative Security.
1.
Launch your web browser.
2.
Enter the printer’s IP address in the browser’s
Address
field.
3.
Click
Properties
.
4.
Open the
Security
folder on the left navigation panel and select
802.1X
.
5.
Click the
Advanced
button for more experienced users or click the
Configuration
Wizard
button which will guide you through the setup.
For more information, click the
Help
button in CentreWare IS to view the online help.
6.
Select EAP authentication method(s)
– Select one or more authentication methods:
■
MD5 Challenge
■
TLS
■
PEAP-MS-CHAPv2 (PEAP)
If you select a method that uses X.509 security certificates (
TLS
or
PEAP
), you can use
use a root certificate to validate the authenticating server's certificate.
If you select
TLS
authentication, you must either install a signed device certificate that is
trusted by the authenticating server, or add the device's self-signed certificate to the
authenticating server's trusted certificate store.