HomeWeb Management ToolUsing the IEEE802.1X Authentication

Using the IEEE802.1X Authentication

If IEEE802.1X authentication is installed in your environment, configure the following settings.

Using IEEE802.1X authentication enables you to only connect devices authorized by administrators to the LAN environment. Devices that are not authenticated will not be allowed to even join the network, and this ensures rigid security.

In the administrator mode, select [Network] - [IEEE802.1X Authentication Setting] - [IEEE802.1X Authentication Setting], then configure the following settings.

Settings		Description
[IEEE802.1X Authentication Setting]		Select [ON] to use IEEE802.1X authentication. [OFF] is specified by default.
[Supplicant Setting]		In IEEE802.1x authentication, this machine acts as a supplicant (client to be authenticated). Configure the settings required for authentication by the authentication server.
	[User ID]	Enter a user ID (using up to 128 characters). This user ID is used for all EAP-Type options.
	[Password]	Enter a password with 128 characters. The password is used for all EAP-Type options other than [EAP-TLS]. To enter (change) the password, select the [Password is changed.] check box, then enter a new password.
	[EAP-Type]	Select an EAP authentication method. [Depend on Server]: The EAP-Type provided by the authentication server will be used for authentication. Configure the supplicant settings as required for this machine according to the EAP-Type provided by the authentication server. Do not select [OFF]. [OFF] is specified by default.
	[EAP-TTLS]	Configure the EAP-TTLS settings if [EAP-Type] is set to [EAP-TTLS] or [Depend on Server]. [anonymous]: Enter the anonymous name used for EAP-TTLS authentication (using up to 128 characters). [Inner Authentication Protocol]: Select an internal authentication protocol for EAP-TTLS.
	[Server ID]	To verify CN of the certificate, enter the server ID (using up to 64 characters).
	[Client Certificates]	Select whether to encrypt the authentication information using a certificate for this machine, if necessary. This setting can be configured if the following conditions are satisfied: The certificate is registered on this machine [EAP-TLS], [EAP-TTLS], [PEAP], or [Depend on Server] is selected from [EAP-Type].
	[Encryption Strength]	If [EAP-TLS], [EAP-TTLS], [PEAP], or [Depend on Server] is selected from [EAP-Type], select an encryption strength for encryption by TLS, if necessary. [Low]: Keys of any length are used for communication. [Mid]: Keys that are more than 56 bits in length are used for communication. [High]: Keys that are more than 128 bits in length are used for communication.
	[Certificate Verification Level Settings]	To verify the certificate, select items to be verified. If you select [Confirm] at each item, the certificate is verified for each item. [Validity Period]: Confirm whether the certificate is within the validity period. [Confirm] is specified by default. [CN]: Confirm whether CN (Common Name) of the certificate matches the server address. [Do Not Confirm] is specified by default. [Chain]: Confirm whether there is a problem in the certificate chain (certificate path). The chain is validated by referencing the external certificates managed on this machine. [Do Not Confirm] is specified by default.
	[Network Stop Time]	Specify the delay time between the start of an authentication process and the end of network communication, if necessary. If an authentication process does not succeed within the specified time, all network communication will stop. To specify the delay time, select the [Network Stop Time] check box, and enter the delay (sec.) in [Stop Time]. To restart the authentication process after network communication stopped, reboot this machine.

Tips

In the administrator mode, select [Network] - [IEEE802.1X Authentication Setting] - [IEEE802.1X Authentication Trial] to confirm the current authentication status. The authentication process can be activated for the authentication server.