AXISP3384–VFixedDomeNetworkCamera
SystemOptions
2.SelectanHTTPScerticatefromthelistofinstalledcerticates.
3.Optionally,clickCiphersandselecttheencryptionalgorithmstouseforSSL.
4.SettheHTTPSConnectionP olicyforthedifferentusergroups.
5.ClickSavetoenablethesettings.
ToaccesstheAxisproductviathedesiredprotocol,enterhttps://orhttp://intheaddresseldinabrowser.
TheHTTPSportcanbechangedontheSystemOptions>Network>TCP/IP>Advancedpage.
IEEE802.1X
IEEE802.1Xisastandardforport-basedNetworkAdmissionControlprovidingsecureauthenticationofwiredandwirelessnetwork
devices.IEEE802.1XisbasedonEAP(ExtensibleAuthenticationProtocol).
ToaccessanetworkprotectedbyIEEE802.1X,devicesmustauthenticatethemselves.Theauthenticationisperformedbya
third-partyentitycalledanauthenticationserver,typicallyaRADIUSserver,examplesofwhichareFreeRADIUSandMicrosoft
InternetAuthenticationService.
InAxis'implementation,thenetworkdeviceandtheauthenticationserverauthenticatethemselveswiththehelpofdigital
certicatesusingEAP-TLS(ExtensibleAuthenticationProtocol-TransportLayerSecurity).Thecerticatesareprovidedbyan
CerticationAuthority(CA).Youneed:
aCAcerticatetovalidatetheidentityoftheauthenticationserver
aCA-signedclientcerticateandaprivatekeytoauthenticatethenetworkdevice.
ToallowthenetworkdevicetoaccessanetworkprotectedbyIEEE802.1X:
1.ObtainaCAcerticate,aclientcerticateandaclientprivatekey(contactyournetworkadministrator).
2.GotoSetup>SystemOptions>Security>IEEE802.1XanduploadtheCAcerticate,theclientcerticateandthe
clientprivatekey.
3.UnderSettings,selecttheEAPOLversion,provideyourEAPidentityandprivatekeypassword.
4.ChecktheboxtoenableIEEE802.1XandclickSave.
Certicates
CACerticateTheCAcerticateisusedtovalidatetheidentityoftheauthenticationserver.Enterthepathto
thecerticatedirectly,orlocatetheleusingtheBrowsebutton.ThenclickUpload.Toremove
acerticate,clickRemove.
Clientcerticate
Clientprivatekey
Theclientcerticateandprivatekeyareusedtoauthenticatethenetworkdevice.Theycanbe
uploadedasseparatelesorinonecombinedle(e.g.aPFXleoraPEMle).UsetheClient
privatekeyeldifuploadingonecombinedle.Foreachle,enterthepathtothele,orlocatethe
leusingtheBrowsebutton.ThenclickUpload.Toremoveale,clickRemove.
Settings
EAPOLversionSelecttheEAPOLversion(1or2)asusedinyournetworkswitch.
EAPidentityEntertheuseridentity(maximum16characters)associatedwithyourcerticate.
PrivatekeypasswordEnterthepassword(maximum16characters)fortheprivatekey.
EnableIEEE802.1XChecktheboxtoenabletheIEEE802.1Xprotocol.
45