Actions

IEEE 802.1X

From Zenitel Wiki

Revision as of 11:25, 16 November 2009 by Asle (talk) (New page: '''IEEE 802.1X''' is an IEEE Standard for port-based Network Access Control (PNAC) ("port" meaning a single point of attachment to the LAN infrastructure). It provides an authentication me...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

IEEE 802.1X is an IEEE Standard for port-based Network Access Control (PNAC) ("port" meaning a single point of attachment to the LAN infrastructure). It provides an authentication mechanism to devices wishing to attach to a LAN, either establishing a point-to-point connection or preventing it if authentication fails.

STENTOFON IP Stations support 802.1X as from firmware version 01.09.

User interface

  • The button "Apply 802.1X settings" sends the user to a page where the IP-station can be restarted in order to use the new settings. New 802.1X settings are not used before after restart. Note: This button does not save the settings.
  • The sentence "Currently using authentication method: MSCHAPV2" tells the user what authentication method is currently in use.
  • The sentence "Choosen authentication method: MSCHAPV2" tells the user what authentication method is currently chosen for configuration. All of the authentication methods share same configuration parameters, because it is only possible to use one authentication method at a time.
  • The radiobutton list lets the user choose which authentication method to configure and use.

The different authnetication methods are MSCHAPV2, MD5, PAP, TTLS with PAP and PEAP with MSCHAPV2.

  • MSCHAPV2 and MD5 encrypts the password.
  • PAP does not encrypt anything.
  • TTLS with PAP and PEAP with MSCHAPV2 encrypts both username and password.
  • Dependent on the authentication method there are 3-4 parameters to configure.
    • Username: The username used to identify a station.
    • Fake username: Fake username sent outside of encrypted tunnel with TTLS with PAP and PEAP with MSCHAPV2. The username is encrypted.
    • Password: The password associated with the username.
    • 802.1X status: Enable or disable 802.1X
  • The button "Save settings" saves the current settings.
  • If TTLS with PAP or PEAP with MSCHAPV2 is the chosen authenticiation method then a certificate must be uploaded to the station. This should be done in the field at the bottom. The certificate must either be a PEM or DER certificate and the certificate must be named "certificate.pem".
Retrieved from "https://wiki.zenitel.com/w/index.php?title=IEEE_802.1X&oldid=95896"