802.1X Port-Based Network Access Control

From SpinetiX Support Wiki

Jump to: navigation, search

Applies to HMP400, HMP400W, and third-party players.

Introduction

IEEE 802 LANs are deployed in networks that convey or provide access to critical data, that support mission critical applications, or that charge for service. Port-based network access control regulates access to the network, guarding against transmission and reception by unidentified or unauthorized parties, and consequent network disruption, theft of service, or data loss. This allows a network administrator to restrict the use of IEEE 802(R) LAN service access points (ports) to secure communication between authenticated and authorized devices.

IEEE 802.1X is an IEEE Standard for port-based Network Access Control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN. The support for IEEE 802.1X network protocol is available starting with DSOS 4.5.1 on the HMP400, HMP400W, and third-party players.

Configuration

The easiest way to configure the 802.1x authentication, is to generate a configuration file using the network configurator tool - this file can be saved on a USB stick root folder (see how to configure player from USB stick) or somewhere on your PC and restored it later from Control Center.

The network configuration tool currently only supports generating the configuration for simple 802.1X usage (e.g., PEAP MSCHAPv2). The DSOS also supports advanced 802.1X with numerous EAP and PEAP methods, including client side (i.e., machine) certificates and password based methods, among which EAP-TLS, EAP-TTLS, EAP-PWD, EAP-GTC, PEAP-EAP-MSCHAPv2, PEAP-EAP-TLS, etc. These methods are configured by manually writing the configuration file, according to the Configuration API documentation. You can also contact SpinetiX Professional Services for assistance.

This page was last modified on 11 January 2021, at 10:19.