Xerox 5550N System Administrator Guide - Page 46

802.1X Configuration

System Administrator Guide

4-14

802.1X Configuration

Introduction to 802.1X and EAP

The 802.1X IEEE standard defines port-based, authenticated network access control for

Ethernet local area networks (LANs). With 802.1X, the user or device must pass network

access control by successfully authenticating with credentials, such as a name and password,

or network access is denied. 802.1X uses the Extensible Authentication Protocol (EAP) to

relay port access requests between LAN stations/the clients being authenticated (supplicants),

Ethernet switches or wireless access points (authenticators) and RADIUS servers

(authentication servers).

EAP is the standard authentication mechanism carried over 802.1X. The EAP method is an

inner authentication protocol that provides the secure mechanism for the authentication

exchange. Multiple EAP methods can be used. EAP methods are defined in International

Engineering Task Force (IETF) Requests for Comments (RFC) documents, RFC drafts, or

they can be proprietary. EAP methods have a significant influence on how your network is

designed and implemented, because not all supplicants, not all access points, and not all

RADIUS servers support all EAP methods. A careful evaluation of standards can help with

selecting appropriate LAN components that will avoid vendor lock-in or dead-end technology.

802.1X Configuration in CentreWare IS

Use the 802.1X configuration pages in CentreWare IS to perform the following tasks.

Required information varies depending on the EAP method(s) that you select.

Note:

Access to the 802.1x configuration pages in CentreWare IS can be restricted by the

passwords and feature authorization settings under Administrative Security.

1.

Launch your web browser.

2.

Enter the printer’s IP address in the browser’s

Address

field (http://xxx.xxx.xxx.xxx).

3.

Click

Properties

.

4.

Open the

Security

folder on the left navigation panel and select

802.1X

.

5.

Click the

Advanced

button for more experienced users or click the

Configuration

Wizard

button which will guide you through the setup.

For more information, click the

Help

button in CentreWare IS to view the online help.

6.

Select EAP authentication method(s)

– Select one or more authentication methods:

■

MD5 Challenge

■

TLS

■

PEAP-MS-CHAPv2 (PEAP)

If you selected a method that uses X.509 security certificates (

TLS

or

PEAP

), you can use

use a root certificate to validate the authenticating server's certificate.

If you have selected

TLS

authentication, you must either install a signed device

certificate that is trusted by the authenticating server, or add the device's

self-signed certificate to the authenticating server's trusted certificate store.

Section	Page
Contents	3
Overview	7
Resources	7
PrintingScout Alerts	8
PhaserSMART Technical Support	8
How to Access PhaserSMART	8
Xerox Support Centre	10
CentreWare Internet Services (IS)	11
Network Installation Features	12
Using a Startup Network Configuration File	13
About the Configuration File	13
Configuration File Requirements	13
Specifying the Location of the Configuration File	13
Printer Driver Installation Features	14
Walk-Up Printing Driver	14
Walk-Up Installation	14
Installation from the Printer’s Hard Drive or the Web	15
Auto-Configuring Driver	15
Discovery Protocols	16
DDNS/WINS	16
DNS (Domain Name Services)	17
Service Location Protocol	17
UPnP (Universal Plug and Play)	18
Network Administration Features	19
Printer Neighborhood	20
Job Accounting	21
Usage Profile Reports	22
Setting Up Usage Profile Reporting	22
Sending Usage Profile Reports	22
Xerox Usage Analysis Tool	23
System Requirements	23
Protocol Control	24
HTTP	24
TCP/IP	25
Port 9100	25
LPR	26
IPP (Internet Printing Protocol)	26
SNMP (Simple Network Management Protocol)	27
FTP (File Transfer Protocol)	27
Email Server or SMTP (Simple Mail Transfer Protocol)	28
MaiLinX Remote Printing	29
MaiLinX Alerts	30
EtherTalk	31
Cloning	32
Security Features	33
Basic Concepts	34
About Admin and Key User Accounts	34
About HTTP, HTTPS, and SSL/TLS	35
About Certificates	35
About Access Control Lists	36
Securing the Printer in a High Security Environment	37
Managing Certificates	38
Configuring SSL	39
Configuring Administrator and Key User Settings	40
Configuring the Print Host Access List	41
Controlling Access to Color Printing	42
Securing the Hard Drive	43
Selecting the Hard Drive Overwrite Security Option	43
Selecting the Automatic Removal of Secure, Personal, and Proof Jobs Option	44
802.1X Configuration	46
Introduction to 802.1X and EAP	46
802.1X Configuration in CentreWare IS	46
Locking the Control Panel Menus	48
Configuring SNMP	49
Configuring SNMP for Maximum Security	49
Configuring SNMP v1/v2c	50
Configuring SNMP v3	52
Configuring the SNMP Access Control List	54
Disabling SNMP	55
Printing Features	56
Secure, Personal, Personal Saved, Proof, Print With and Saved Print Jobs	57
Smart Trays	57
Jam Recovery	58
Glossary	59
Terms and Abbreviations	59
Configuration Card Parameters	63
General Information Parameters	64
PostScript Parameters	64
PCL Parameters	65
USB 2.0 Parameters	65
Hard Drive Parameters	65
Network Information Parameters	65
PhaserShare Series B Interface for Ethernet Network Parameters	65
Certificates	66
802.1x	66
EtherTalk Parameters	66
TCP/IP Parameters	66
DNS Parameters	67
SLP Parameters	67
SSDP Parameter	67
NBNS (WINS) Parameters	67
Access Control Parameter	67
LPR Parameters	67
AppSocket (Port 9100) Parameters	68
IPP (Internet Printing Protocol) Parameters	68
SNMP Parameters	68
CentreWare IS (HTTP) Parameters	68
FTP Parameters	68
Status Notification Parameter	69
MaiLinX Remote Printing Parameters	69
Printer Commands	70
Phaser PCL Commands	71
Media Size	71
Media Type	72
Input Trays	73
Output Trays	73
Phaser PJL Commands	74
Acknowledgements	77

Xerox 5550N System Administrator Guide - Page 46

X Configuration, Introduction to 802.1X and EAP, 802.1X Configuration in CentreWare IS

Page 46 highlights