Menu path: Setup > Network > LAN Interfaces > [Interface] > Authentication

You can enable and configure network port authentication in accordance with the IEEE 802.1x standard here. The following settings are available:

  • Enable IEEE-802.1x authentication: This option enables network port authentication.
  • EAP Type: You can choose between the PEAP and TLS authentication procedures here.
    For the EAP Type PEAP, the following phase 2 authentication methods are available to choose from under Auth Method:
    • MSCHAPV2
    • TLS
    • GTC
    • MD5
  • Validate Server Certificate: If this option is enabled, the certificate of the server will be checked cryptographically. In order to do this, the path to the CA certificate file is required in CA Root Certificate. The file can be in PEM or DER format.
    A number of the following fields need to be filled in only for specific combinations of EAP type and Auth Method.
  • Manage certificates with SCEP (NDES): Automatically manage client certificates with SCEP
  • Identity: The user name for network access
  • Password: The password for network access
    If you leave the Identity and Password fields empty, an entry mask for authentication purposes will be shown. However, this does not apply to the methods with a client certificate (TLS and PEAP-TLS) where these details are mandatory.
  • Client Certificate: Path to the file with the certificate for client authentication in the PEM (base64) or DER format. If a private key in the PKCS12 format is used, leave this field empty.
  • Private key: Path to the file with the private key for the client certificate. The file can be in the PEM (base64), DER or PFX format. The Private Key Passwordmay be required for access.