Cisco C20 TelePresence System Administrator's Manual page 68

Cisco TelePresence System Quick Set C20 and Profiles using C20
Contents
Network [1..1] IEEE8021X Mode
The system can be connected to an IEEE 802.1X LAN network, with a port-based network
access control that is used to provide authenticated network access for Ethernet networks.
Requires user role: ADMIN
Value space: <Off/On>
Off: The 802.1X authentication is disabled (default).
On: The 802.1X authentication is enabled.
Network 1 IEEE8021X Mode: Off
Example:
Network [1..1] IEEE8021X TlsVerify
Verification of the server-side certificate of an IEEE802.1x connection against the certificates in
the local CA-list when TLS is used. The CA-list must be uploaded to the video system.
This setting takes effect only when Network [1..1] IEEE8021X Eap Tls is enabled (On).
Requires user role: ADMIN
Value space: <Off/On>
Off: When set to Off, TLS connections are allowed without verifying the server-side X.509
certificate against the local CA-list. This should typically be selected if no CA-list has been
uploaded to the codec.
On: When set to On, the server-side X.509 certificate will be validated against the local CA-
list for all TLS connections. Only servers with a valid certificate will be allowed.
xConfiguration Network 1 IEEE8021X TlsVerify: Off
Example:
Network [1..1] IEEE8021X UseClientCertificate
Authentication using a private key/certificate pair during an IEEE802.1x connection. The
authentication X.509 certificate must be uploaded to the video system.
Requires user role: ADMIN
Value space: <Off/On>
Off: When set to Off client-side authentication is not used (only server-side).
On: When set to On the client (video system) will perform a mutual authentication TLS
handshake with the server.
Network 1 IEEE8021X UseClientCertificate: Off
Example:
D14637.10 Profile C20 and Quick Set C20 Administrator Guide TC6.1, APRIL 2013.
Introduction Web interface System settings System settings
Network [1..1] IEEE8021X Identity
The 802.1X Identity is the user name needed for 802.1X authentication.
Requires user role: ADMIN
Value space: <S: 0, 64>
Format: String with a maximum of 64 characters.
Network 1 IEEE8021X Identity: ""
Example:
Network [1..1] IEEE8021X Password
The 802.1X Password is the password needed for 802.1X authentication.
Requires user role: ADMIN
Value space: <S: 0, 32>
Format: String with a maximum of 32 characters.
Network 1 IEEE8021X Password: ""
Example:
Network [1..1] IEEE8021X AnonymousIdentity
The 802.1X Anonymous ID string is to be used as unencrypted identity with EAP (Extensible
Authentication Protocol) types that support different tunneled identity, like EAP-PEAP and EAP-
TTLS. If set, the anonymous ID will be used for the initial (unencrypted) EAP Identity Request.
Requires user role: ADMIN
Value space: <S: 0, 64>
Format: String with a maximum of 64 characters.
Network 1 IEEE8021X AnonymousIdentity: ""
Example:
Network [1..1] IEEE8021X Eap Md5
Set the Md5 (Message-Digest Algorithm 5) mode. This is a Challenge Handshake
Authentication Protocol that relies on a shared secret. Md5 is a Weak security.
Requires user role: ADMIN
Value space: <Off/On>
Off: The EAP-MD5 protocol is disabled.
On: The EAP-MD5 protocol is enabled (default).
Network 1 IEEE8021X Eap Md5: On
Example:
www.cisco.com — Copyright © 2010-2013 Cisco Systems, Inc. All rights reserved.
68
Administrator Guide
Setting passwords Appendices