Loading ...
Loading ...
Loading ...
24
AXIS P8221 - System Options
Clients and servers in an IEEE 802.1X network may need to authenticate each other by some means. In Axis implementation
this is done with the help of digital certificates provided by a Certification Authority. These are then validated by a
third-party entity, such as a RADIUS server, examples of which are Free Radius and Microsoft Internet Authentication Service.
To perform the authentication, the RADIUS server uses various EAP methods/protocols, of which there are many. The one used
in Axis implementation is EAPOL using EAP-TLS (EAP-Transport Layer Security).
The Axis network product presents its certificate to the network switch, which in turn forwards this to the RADIUS server. The
RADIUS server validates or rejects the certificate and responds to the switch, and sends its own certificate to the client for
validation. The switch then allows or denies network access accordingly, on a preconfigured port.
Certificates
CA Certificate - This certificate is created by the Certification Authority for the purpose of validating itself, so AXIS P8221
needs this certificate to check the server's identity. Provide the path to the certificate directly, or use the Browse... button to
locate it. Then click the Upload button. To remove a certificate, click the Remove button.
Client certificate/private key - AXIS P8221 must also authenticate itself, using a client certificate and a private key. Provide
the path to the certificate in the first field, or use the Browse... button to locate it. Then click the Upload button. To remove a
certificate, click the Remove button.
Alternatively, it may be possible to upload the certificate and key in one combined file, (e.g. a PFX file or PEM file). Provide the
path to the file, or use the Browse... button to locate it. Click Upload to load the file. To remove a certificate and key, click the
Remove button.
Settings
EAPOL version - Select the EAPOL version (1 or 2) as used in your network switch.
EAP identity - Enter the user identity associated with your certificate. A maximum of 16 characters can be used.
Private key password - Enter the password (maximum 16 characters) for your user identity.
Enable IEEE 802.1X - Check the provided box to enable the IEEE 802.1X protocol.
Date & Time
Current Server Time
Displays the current date and time (24h clock). The time can be displayed in 12h clock format in the overlay (see below).
New Server Time
Select your time zone from the drop-down list. If you want the server clock to automatically adjust for daylight savings time,
select the Automatically adjust for daylight saving time changes option.
Note:
The time zone setting only applies when the device’s time is synchronized with an NTP server.
From the Time mode section, select the preferred method to use for setting the time:
• Synchronize with computer time – Sets the time from the clock on your computer.
• Synchronize with NTP Server – The time will be obtained from an NTP server.
• Set manually – This option allows you to manually set the time and date.
Note:
If using a host name for the NTP server, a DNS server must be configured under TCP/IP settings.
See Basic TCP/IP Settings, on page 25.
Loading ...
Loading ...
Loading ...