Axis 02811-001 Axis P1465-LE-3 User Manual

Loading ...

AXIS P1465-LE-3 License Plate Veriﬁer Kit

The device interface

The context menu contains:

• Certicate information: View an installed certicate’s properties.

• Delete certicate: Delete the certicate.

• Create certicate signing request: Create a certicate signing request to send to a registration authority to apply

for a digital identity certicate.

IEEE 802.1x

IEEE 802.1x is an IEEE standard for port-based network admission control providing secure authentication of wired and wireless

network devices. IEEE 802.1x is based on EAP (Extensible Authentication Protocol).

To access a network protected by IEEE 802.1x, network devices must authenticate themselves. The authentication is performed by

an authentication server, typically a RADIUS server (for example FreeRADIUS and Microsoft Internet Authentication Server).

Certicates

When congured without a CA certicate, server certicate validation is disabled and the device tries to authenticate itself

regardless of what network it is connected to.

When using a certicate, in Axis' implementation, the device and the authentication server authenticate themselves with digital

certicates using EAP-TLS (Extensible Authentication Protocol - Transport Layer Security).

To allow the device to access a network protected through certicates, a signed client certicate must be installed on the device.

Client certicate: Select a client certicate to use IEEE 802.1x. The authentication server uses the certicate to validate the

client’s identity.

CA certicate: Select a CA certicate to validate the authentication server’s identity. When no certicate is selected, the device

tries to authenticate itself regardless of what network it is connected to.

EAP identity: Enter the user identity associated with the client certicate.

EAPOL version: Select the EAPOL version that is used in the network switch.

Use IEEE 802.1x: Select to use the IEEE 802.1x protocol.

Prevent brute-force attacks

Blocking: Turn on to block brute-force attacks. A brute-force attack uses trial-and-error to guess login info or encryption keys.

Blocking period: Enter the number of seconds to block a brute-force attack.

Blocking conditions: Enter the number of authentication failures allowed per second before the block starts. You can set the

number of failures allowed both on page level and device level.

IP address lter

Use lter: Select to lter which IP addresses that are allowed to access the device.

Policy: Choose whether to Allow access or Deny access for certain IP addresses.

Addresses: Enter the IP numbers that are either allowed or denied access to the device. You can also use the CIDR format.

Custom-signed rmware certicate

Loading ...

Axis 02811-001 P1465-LE-3 License Plate Verifier Kit