User`s manual

VIVOTEK

User's Manual - 39

IEEE802.1x

Advanced Mode

Enable thisfunction ifyournetwork environment uses IEEE802.1x, which isa portbased network

access control. The network devices, intermediary switch/access point/hub, and RADIUS server must

supportandenable802.1xsettings.

The 802.1x standard is designedtoenhancethe security oflocalarea networks, which provides

authenticationtonetworkdevices(clients)attachedtoanetworkport(wiredorwireless).Ifallcerticates

betweenclientandserverareveried,apointtopointconnectionwillbeenabledifauthenticationfails,

accessonthatportwillbeprohibited.802.1xutilizesanexistingprotocol,theExtensibleAuthentication

Protocol (EAP), to facilitate communication.

■

Thecomponentsofaprotectednetworkwith802.1xauthentication:

Supplicant: A client end user (camera), which requests authentication.

Authenticator (an access point or a switch): A “go between” which restricts unauthorized end users

from communicating with the authentication server.

Authenticationserver(usuallyaRADIUSserver):Checkstheclientcerticateanddecideswhetherto

accept the end user’s access request.

■

VIVOTEK Network Cameras support two types of EAP methods to perform authentication: EAP-PEAP

and EAP-TLS.

Pleasefollowthestepsbelowtoenable802.1xsettings:

1.BeforeconnectingtheNetworkCameratotheprotectednetworkwith802.1x,pleaseapplyadigital

certicatefromaCerticateAuthority(ie.MISofyourcompany)whichcanbevalidatedbyaRADIUS

server.

2. Connect the Network Camera to a PC or notebook outside of the protected LAN. Open the

congurationpageoftheNetworkCameraasshownbelow.SelectEAP-PEAP or EAP-TLS as the

EAP method. In the following blanks, enter your ID and password issued by the CA, then upload

relatedcerticate(s).

Authenticator

(Network Switch)

Authentication Server

(RADIUS Server)

Supplicant

(Network Camera)