Xerox 7500DX System Administrator Guide (English Only) - Page 50

Configuring 802.1X, Introduction to 802.1X and EAP, 802.1X Configuration in CentreWare IS

Page 50 highlights

Security Features Configuring 802.1X Introduction to 802.1X and EAP The 802.1X IEEE standard defines port-based, authenticated network access control for Ethernet local area networks (LANs). With 802.1X, the user or device must pass network access control by successfully authenticating with credentials, such as a name and password, or else network access is denied. 802.1X uses the Extensible Authentication Protocol (EAP) to relay port access requests between LAN stations/the clients being authenticated (supplicants), Ethernet switches or wireless access points (authenticators), and RADIUS servers (authentication servers). EAP is the standard authentication mechanism carried over 802.1X. The EAP method is an inner authentication protocol that provides the secure mechanism for the authentication exchange. Multiple EAP methods can be used. EAP methods are defined in International Engineering Task Force (IETF) Requests for Comments (RFC) documents, RFC drafts, or they can be proprietary. EAP methods have a significant influence on how your network is designed and implemented, because not all supplicants, not all access points, and not all RADIUS servers support all EAP methods. A careful evaluation of standards can help with selecting appropriate LAN components that will avoid vendor lock-in or deadend technology. 802.1X Configuration in CentreWare IS Use the 802.1X configuration pages in CentreWare IS to perform the following tasks. Required information varies depending on the EAP method(s) that you select. Note: Access to the 802.1x configuration pages in CentreWare IS can be restricted by the passwords and feature authorization settings under Administrative Security. 1. Launch your Web browser. 2. Enter the printer's IP address in the browser Address field. For details, see Finding the Printer's IP Address on page 14. 3. Click Properties. 4. On the left navigation pane, expand the Security folder and select 802.1X. 5. If you are a more experienced user, click the Advanced button; otherwise, click the Configuration Wizard button which will guide you through the setup. For more information, click the Help button in CentreWare IS to view the CentreWare IS Online Help. 6. Select EAP authentication method(s) - Select one or more authentication methods: • MD5 Challenge • TLS • PEAP-MS-CHAPv2 (PEAP) If you selected a method that uses X.509 security certificates (TLS or PEAP), you can use use a root certificate to validate the authenticating server's certificate. If you have selected TLS authentication, you must either install a signed device certificate that is trusted by the authenticating server, or add the device's self-signed certificate to the authenticating server's trusted certificate store. 50 Phaser 7500 Color Printer System Administrator Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116

Security Features
Phaser 7500 Color Printer
System Administrator Guide
50
Configuring 802.1X
Introduction to 802.1X and EAP
The 802.1X IEEE standard defines port-based, authenticated network access control for Ethernet local
area networks (LANs). With 802.1X, the user or device must pass network access control by successfully
authenticating with credentials, such as a name and password, or else network access is denied. 802.1X
uses the Extensible Authentication Protocol (EAP) to relay port access requests between LAN
stations/the clients being authenticated (supplicants), Ethernet switches or wireless access points
(authenticators), and RADIUS servers (authentication servers).
EAP is the standard authentication mechanism carried over 802.1X. The EAP method is an inner
authentication protocol that provides the secure mechanism for the authentication exchange. Multiple
EAP methods can be used. EAP methods are defined in International Engineering Task Force (IETF)
Requests for Comments (RFC) documents, RFC drafts, or they can be proprietary. EAP methods have a
significant influence on how your network is designed and implemented, because not all supplicants,
not all access points, and not all RADIUS servers support all EAP methods. A careful evaluation of
standards can help with selecting appropriate LAN components that will avoid vendor lock-in or dead-
end technology.
802.1X Configuration in CentreWare IS
Use the 802.1X configuration pages in CentreWare IS to perform the following tasks. Required
information varies depending on the EAP method(s) that you select.
Note:
Access to the 802.1x configuration pages in CentreWare IS can be restricted by the
passwords and feature authorization settings under Administrative Security.
1.
Launch your Web browser.
2.
Enter the printer’s IP address in the browser
Address
field. For details, see
Finding the Printer’s IP
Address
on page 14.
3.
Click
Properties
.
4.
On the left navigation pane, expand the
Security
folder and select
802.1X
.
5.
If you are a more experienced user, click the
Advanced
button; otherwise, click the
Configuration
Wizard
button which will guide you through the setup.
For more information, click the
Help
button in CentreWare IS to view the
CentreWare IS Online
Help
.
6.
Select
EAP authentication method(s)
– Select one or more authentication methods:
MD5 Challenge
TLS
PEAP-MS-CHAPv2 (PEAP)
If you selected a method that uses X.509 security certificates (
TLS
or
PEAP
), you can use use a
root certificate to validate the authenticating server’s certificate.
If you have selected
TLS
authentication, you must either install a signed device certificate that is
trusted by the authenticating server, or add the device’s self-signed certificate to the
authenticating server’s trusted certificate store.