A
d
mini
s
tra
ting
t
he
Came
ra
Using the 802.1X Authentication Function — 802.1X Menu
44
Note
Import process becomes invalid if the selected file is not
a CA certificate.
To display the information of the CA certificate
When the CA certificate has been saved in the camera
correctly, its information appears on
Issuer DN
,
Subject DN
,
Validity Period
and
Extended Key
Usage
.
To delete the CA certificate
Click
Delete
, and the CA certificate stored in the camera
will be deleted.
Setting the 802.1X authentication
function – Example of Windows
Server 2003
This section explains how to configure the
authentication server and CA using Microsoft Windows
Server 2003.
Note
As this section describes authentication based on the
user interface in English on Windows Server 2003, the
UI terminology and page configuration may be different
depending on the version of the Operating System or
Service Pack and patch update status.
Before setting
Perform the following settings before configuring an
802.1X network.
Active Directory (domain controller)
The following setting example is based on the
assumption that the Active Directory has been
configured.
Windows IAS configuration
To add the IAS (Internet Authentication Service),
perform the following steps:
1
Configure
Remote access/VPN server
in
Manage
Your Server
of Windows Server 2003.
2
Open
Add or Remove Programs
from
Control
Panel
of Windows menu.
3
Install
Internet Authentication Service
in
Add/
Remove Windows Components
.
CA configuration
To configure the CA, perform the following steps:
1
Open
Add or Remove Programs
from
Control
Panel
of Windows menu.
2
Select
Add/Remove Windows Components
.
3
Add
Certificate Services
in the Component menu.
4
Select
Enterprise root CA
on
CA Type
, and
proceed to next.
5
Type the name of CA on
Common Name for this
CA
, and configure the CA.
Creating a security group for Active
Directory
1
Open
Active Directory Users and Computers
from
Administrative Tools
of Windows menu.
2
Select
Users
of the domain with which you want to
perform 802.1X connection.
3
Select
New
from the context menu, then select
Group
and configure the group for 802.1X
connection.
For example, the group “Wired_802.1X_Group” is
assumed for explanation purposes.
Configuring the Internet Authentication
Service
1
Open
Internet Authentication Service
from
Administrative Tools
of Windows menu.
2
Click
Register Server in Active Directory
on the
operation menu.
3
Read the displayed precautions carefully and click
OK
to accept them.
Then, continue to configure the EAP-TLS policy.
4
Select
Remote Access Policy
and right-click.
5
Select
New
from the context menu, and select
Remote Access Policy
to open the “New Remote
Access Policy Wizard.”
6
Select
Set up a custom policy
.
7
Set the following items:
Policy name:
Type “Allow 802.1X Access” as an
example.
Policy conditions:
Click
Add
and add the
following items:
