Configuring IEEE 802.1X Authentication0YSF-04SThe machine can connect to an 802.1X network as a client device. A typical 802.1X network consists of a RADIUS server(authentication server), LAN switch (authenticator), and client devices with authentication software (supplicants). If adevice tries to connect to the 802.1X network, the device must go through user authentication in order to prove thatthe connection is made by an authorized user. Authentication information is sent to and checked by a RADIUS server,which permits or rejects communication to the network depending on the authentication result. If authentication fails,a LAN switch (or an access point) blocks access from the outside of the network.Select the authentication method from the options below. If necessary, install or register a key pair or CA certificatebefore configuring IEEE 802.1X authentication ( Using CA-issued Key Pairs and Digital Certificates(P. 329) ).TLSThe machine and the authentication server authenticate each other by mutually verifying their certificates. Akey pair issued by a certification authority (CA) is required for the client authentication (when authenticating themachine). For the server authentication, a CA certificate installed via the Remote UI can be used in addition to aCA certificate preinstalled in the machine.TTLSThis authentication method uses a user name and password for the client authentication and a CA certificate forthe server authentication. MSCHAPv2 or PAP can be selected as the internal protocol. TTLS can be used withPEAP at the same time. Enable TLS for the Remote UI before configuring this authentication method ( UsingTLS for Encrypted Communications(P. 297) ).PEAPThe required settings are almost the same as those of TTLS. MS-CHAPv2 is used as the internal protocol. EnableTLS for the Remote UI before configuring this authentication method ( Using TLS for EncryptedCommunications(P. 297) ).1 Start the Remote UI and log on in Management Mode. Starting Remote UI(P. 336)2 Click [Settings/Registration].Security312
