VIVOTEK
User's Manual - 93
Security > IEEE 802.1X
Enable this function if your network environment uses IEEE 802.1x, which is a port-based network
access control. The network devices, intermediary switch/access point/hub, and RADIUS server
must support and enable 802.1x settings.
The 802.1x standard is designed to enhance the security of local area networks, which provides
authentication to network devices (clients) attached to a network port (wired or wireless). If all
certificates between client and server are verified, a point-to-point connection will be enabled; if
authentication fails, access on that port will be prohibited. 802.1x utilizes an existing protocol, the
Extensible Authentication Protocol (EAP), to facilitate communication.
■
The components of a protected network with 802.1x authentication:
1.
Supplicant: A client end user
(camera), which requests authentication.
2.
Authenticator (an access point or a switch): A “go between” which restricts unauthorized end
users from communicating with the authentication server.
3.
Authentication server (usually a RADIUS server): Checks the client certificate and decides
whether to accept the end user’s access request.
■
VIVOTEK Network Cameras support two types of EAP methods to perform authentication:
EAP-
PEAP
and
EAP-TLS
.
Please follow the steps below to enable 802.1x settings:
1. Before connecting the Network Camera to the protected network with 802.1x, please apply
a digital certificate from a Certificate Authority (i.e., your network administrator) which can be
validated by a RADIUS server.
2. Connect the Network Camera to a PC or notebook outside of the protected LAN. Open the
configuration page of the Network Camera as shown below. Select
EAP-PEAP
or
EAP-TLS
as
the EAP method. In the following blanks, enter your ID and password issued by the CA, then
upload related certificate(s).
Supplicant
(Network Camera)
Authenticator
(Network Switch)
Authentication Server
(RADIUS Server)