LevelOne FCS-7111 User Manual

Page 49

background image

User's Manual - 49

IEEE 802.1x

Advanced Mode

Enable this function if your network environment uses IEEE 802.1x, which is a port-based network

access control. The network devices, intermediary switch/access point/hub, and RADIUS server must

support and enable 802.1x settings.

The 802.1x standard is designed to enhance the security of local area networks, which provides

authentication to network devices (clients) attached to a network port (wired or wireless). If all certifi cates

between client and server are verifi ed, a point-to-point connection will be enabled; if authentication fails,

access on that port will be prohibited. 802.1x utilizes an existing protocol, the Extensible Authentication

Protocol (EAP), to facilitate communication.

The components of a protected network with 802.1x authentication:

1.

Supplicant: A client end user (camera), which requests authentication.

2.

Authenticator (an access point or a switch): A “go between” which restricts unauthorized end users

from communicating with the authentication server.

3.

Authentication server (usually a RADIUS server): Checks the client certifi cate and decides whether to

accept the end user’s access request.

LevelOne video servers support two types of EAP methods to perform authentication:

EAP-PEAP and

EAP-TLS.

Please follow the steps below to enable 802.1x settings:

1. Before connecting the video server to the protected network with 802.1x, please apply a digital

certifi cate from a Certifi cate Authority (ie. MIS of your company) which can be validated by a RADIUS

server.

2. Connect the video server to a PC or notebook outside of the protected LAN. Open the confi guration

page of the video server as shown below. Select

EAP-PEAP or EAP-TLS as the EAP method. In the

following blanks, enter your ID and password issued by the CA, then upload related certifi cate(s).