EAP/802.1X server-based authentication

EAP/802.1X server-based authentication

As a network client, HP Jetdirect full-featured print servers support network use with the extensible authentication protocol (EAP) on an IEEE 802.1X network. The IEEE 802.1X standard provides a port-based authentication protocol where a network port allows or blocks use, depending on client authentication results.

When using an 802.1X connection, the print server supports EAP with an authentication server, such as a remote authentication dial-in user service (RADIUS, RFC 2138) server.

Full-featured HP Jetdirect print servers support the following EAP/802.1X methods:

LEAP (lightweight EAP) is a proprietary Cisco Systems protocol that uses passwords for mutual authentication (the client and the server authenticate each other).

PEAP (protected EAP) is a mutual authentication protocol that uses digital certificates for network server authentication and passwords for client authentication. For additional security, the authentication exchanges are encapsulated within transport layer security (TLS). Dynamic encryption keys are used for secure communications.

EAP-TLS (RFC 2716) is a mutual authentication protocol based on X.509v3–compliant digital certificates for authentication of both the client and the network authentication server. Dynamic encryption keys are used for secure communications.

The network infrastructure device that connects the print server to the network (such as a network switch) must also support the EAP/802.1X method used. In cooperation with the authentication server, the infrastructure device can control the degree of network access and services available to the print server client.

To configure the print server for EAP/802.1X authentication, use the embedded Web server through your Web browser. For more information, see Embedded Web server (V.38.xx).

HP Jetdirect Print Servers EAP/802.1X server-based authentication