VIVOTEK
User's Manual - 41
IEEE 802�1x
Advanced Mode
Enable this function if your network environment uses IEEE 802�1x, which is a port-based network
access control� The network devices, intermediary switch/access point/hub, and RADIUS server must
support and enable 802�1x settings�
The 802�1x standard is designed to enhance the security of local area networks, which provides
authentication to network devices (clients) attached to a network port (wired or wireless). If all certificates
between client and server are verified, a point-to-point connection will be enabled; if authentication fails,
access on that port will be prohibited� 802�1x utilizes an existing protocol, the Extensible Authentication
Protocol (EAP), to facilitate communication�
■
The components of a protected network with 802.1x authentication:
1�
Supplicant: A client end user
(camera), which requests authentication�
2�
Authenticator (an access point or a switch): A “go between” which restricts unauthorized end users
from communicating with the authentication server�
3�
Authentication server (usually a RADIUS server): Checks the client certificate and decides whether to
accept the end user’s access request�
■
VIVOTEK Network Cameras support two types of EAP methods to perform authentication:
EAP-PEAP
and
EAP-TLS
�
Please follow the steps below to enable 802.1x settings:
1� Before connecting the Network Camera to the protected network with 802�1x, please apply a digital
certificate from a Certificate Authority (ie. MIS of your company) which can be validated by a RADIUS
server�
2� Connect the Network Camera to a PC or notebook outside of the protected LAN� Open the
configuration page of the Network Camera as shown below. Select
EAP-PEAP
or
EAP-TLS
as the
EAP method� In the following blanks, enter your ID and password issued by the CA, then upload
related certificate(s).
Authenticator
(Network Switch)
Authentication Server
(RADIUS Server)
Supplicant
(Network Camera)