Administrator's Manual 32.Configuring 802.1x
Version 2.2.8 213 400HD Series IP Phones
32 Configuring 802.1x
802.1X is an IEEE Standard for Port-based Network Access Control (PNAC). It's part of the
IEEE 802.1 group of networking protocols. It provides an authentication mechanism for
devices wishing to connect to a LAN or WLAN.
The employee's PC negotiates 802.1X. Messages are sent transparent to the enterprise
switch. The IP phone is uninvolved in the negotiation; however, if an employee's PC is
disconnected, their IP phone notifies the switch. If an employee's PC is disconnected from
the IP phone, a PROXY-EAP-LOGOFF mechanism lets the IP phone immediately log off the
port from the authentication server to prevent anyone else from connecting to it.
The phone performs like this:
IP phone and PC connected to IP phone's PC port successfully perform 802.1X
authentication. The authentication server records the IP phone and PC as authorized.
If the PC is disconnected from IP phone's PC port, the phone sends an EAPoL-Logoff
message for the PC. The authentication server then records the PC as unauthorized.
If the PC reconnects to the IP phone's PC port, the authentication server requests the
PC to perform 802.1X authentication again.
Note: Before you can connect to a 802.1x server, you need to ensure that the same
certificate and Trusted Root CA are loaded to both the phone and the 802.1x. For more
information, see Section 29.
32.1 Configuring 802.1x using the Phone's LCD
This section shows how to configure 802.1x using the phone's LCD.
To configure 802.1x using the phone's LCD:
1. In the phone's LCD, access the 802.1x Settings screen (MENU key > Administration
menu > Network Settings > 802.1xSettings).
2. Navigate to and select either:
• Disabled – disables the 802.1x feature
• EAP-MD5 – see Section 32.1.1
• EAP-TLS - see Section 32.1.2
To Next Page
Loading...
