Configuration Overview Page 21 FortiFone User Guide
802.1X
IEEE 802.1X authentication is an IEEE standard for Port-based Network Access Control (PNAC),
part of the IEEE 802.1 group of networking protocols. It offers an authentication mechanism for
devices to connect/link to a LAN or WLAN.
The 802.1X authentication involves three parties: a supplicant, an authenticator and an
authentication server. The supplicant is the FON-C71 that wishes to attach to the LAN or WLAN.
With 802.1X port-based authentication, the FON-C71 provides credentials, such as user name
and password, for the authenticator, and then the authenticator forwards the credentials to the
authentication server for verification. If the authentication server determines the credentials are
valid, the FON-C71 is allowed to access resources located on the protected side of the network.
To configure the 802.1X authentication via phone user interface:
1. Tap Menu > Advanced (default password: 23646) > Network > 802.1x.
2. Tap or to select the desired value from the 802.1x Mode field.
a. If you select EAP-MD5:
i. Enter the user name for authentication in the Identity field.
ii. Enter the password for authentication in the MD5 Password field.
b. If you select EAP-TLS:
i. Enter the user name for authentication in the Identity field.
ii. Leave the MD5 Password field blank.
c. If you select EAP-PEAP/MSCHAPv2:
i. Enter the user name for authentication in the Identity field.
ii. Enter the password for authentication in the MD5 Password field.
d. If you select EAP-TTLS/EAP-MSCHAPv2:
i. Enter the user name for authentication in the Identity field.
ii. Enter the password for authentication in the MD5 Password field.
e. If you select EAP-PEAP/GTC:
i. Enter the user name for authentication in the Identity field.
ii. Enter the password for authentication in the MD5 Password field.
f. If you select EAP-TTLS/EAP-GTC:
i. Enter the user name for authentication in the Identity field.
ii. Enter the password for authentication in the MD5 Password field.
g. If you select EAP-FAST:
i. Enter the user name for authentication in the Identity field.
ii. Enter the password for authentication in the MD5 Password field.
3. Tap Save to accept the change. A dialog box pops up to prompt that the settings will take
effect after a reboot.
4. Tap OK to reboot the phone.
VPN
The FON-C71 supports SSL VPN, which provides remote-access VPN capabilities through SSL.
OpenVPN is a full featured SSL VPN software solution that creates secure connections in
remote access facilities, designed to work with the TUN/TAP virtual network interface. TUN and
TAP are virtual network kernel devices. TAP simulates a link layer device and provides a virtual
point-to-point connection, while TUN simulates a network layer device and provides a virtual
network segment.
To Next Page
Loading...
