Sony DH280 Manual De Usuario
A
d
mini
s
tra
ting
t
t
he
Came
ra
Using the 802.1X Authentication Function — 802.1X Menu
66
3
Select New from the context menu, then select
Group and configure the group for 802.1X
connection.
For example, the group “Wired_802.1X_Group” is
assumed for explanation purposes.
Group and configure the group for 802.1X
connection.
For example, the group “Wired_802.1X_Group” is
assumed for explanation purposes.
Configuring the Internet Authentication
Service
Service
1
Open Internet Authentication Service from
Administrative Tools of the Windows menu.
Administrative Tools of the Windows menu.
2
Click Register Server in Active Directory on the
operation menu.
operation menu.
3
Read the displayed precautions carefully and click
OK to accept them.
OK to accept them.
Then, continue to configure the EAP-TLS policy.
4
Select Remote Access Policy and right-click.
5
Select New from the context menu, and select
Remote Access Policy to open “New Remote
Access Policy Wizard”.
Remote Access Policy to open “New Remote
Access Policy Wizard”.
6
Select Set up a custom policy.
7
Set the following items:
Policy name: Type “Allow 802.1X Access” as an
Policy name: Type “Allow 802.1X Access” as an
example.
Policy conditions: Click Add and add the
following items:
– NAS Port-Type: Ethernet, Wireless-
– NAS Port-Type: Ethernet, Wireless-
IEEE802.11, Wireless-Other and Virtual
(VPN)
(VPN)
– Windows-Groups: Wired_802.1X_Group
Permissions: Select Grant remote access
permission.
Edit Profile:
– Dial-in Constraints tab: Specify the session
time out period during which the client is
allowed to be connected, as required.
allowed to be connected, as required.
– Authentication tab: Delete checks from all the
boxes. Click EAP Method and add Smart
Card or other certificates.
Card or other certificates.
Then, continue to configure the RADIUS client.
8
Select RADIUS Clients and right-click.
9
Select New RADIUS Client from the context
menu.
menu.
10
Set the following items:
Friendly name: Type “authenticator” as an
Friendly name: Type “authenticator” as an
example.
Client address (IP or DNS): IP address of the
authenticator
Client-Vender: RADIUS Standard
Shared secret: Specify the shared secret to be set
Shared secret: Specify the shared secret to be set
in the authenticator.
Adding a user
1
Open Active Directory Users and Computers
from Administrative Tools of Windows menu.
from Administrative Tools of Windows menu.
2
Select Users of the domain with which you want to
add a user and right-click.
add a user and right-click.
3
Select New from the context menu, then select
User.
User.
4
Set the following items to configure a new user:
For example, the log-on user name “1XClient” is
assumed for explanation purposes.
First name: 1XClient
User logon name: 1XClient@<domain name>
Password: Specify a password. Then select
For example, the log-on user name “1XClient” is
assumed for explanation purposes.
First name: 1XClient
User logon name: 1XClient@<domain name>
Password: Specify a password. Then select
Password never expires in account options.
5
Select the user to be added and right-click.
6
Select Properties from the context menu.
7
Set the following items:
Dial-in tab: Select Allow access in Remote
Dial-in tab: Select Allow access in Remote
Access Permission (Dial-in or VPN)
Member Of tab: Add “Wired_802.1X_Group”.
The preparations for configuring a 802.1X network are
now completed.
Proceed to issue the certificate to be imported to the
camera.
now completed.
Proceed to issue the certificate to be imported to the
camera.
Issuing the CA certificate
Prepare a Windows client PC (called “client PC”
hereafter) to temporarily store the certificate, and
configure so that the client PC and Windows Server
2003 computer can be connected through the network.
hereafter) to temporarily store the certificate, and
configure so that the client PC and Windows Server
2003 computer can be connected through the network.
1
Start Internet Explorer on the client PC.
2
Type the CA’s URL in the address bar, and click Go
To.
The CA’s URL is normally as follows:
To.
The CA’s URL is normally as follows: