Settings for IEEE802.1X Authentication
IEEE802.1X is one of several LAN standards, and is an authentication standard that enables authentication of a client using a networked communication control device as an authenticator. Authentication requires the following 3 elements.
-
Supplicant (the printer)
-
Authentication Server (This is the server that registers and authenticates the computer and printer to be connected)
-
Authentication device (the switch/access point. Also known as the Authenticator)
The supplicant installed on the system that connects to the network sends authentication information to the authentication server. The authentication server queries the received authentication information and determines whether to allow connection to the network. The authenticator controls access of the device connecting to the network based on the result determined by the authentication server. The supplicant, the authentication server, and the authenticator work together to authenticate the network connection. On such a network, the printer can be a Wired LAN connection or a Wi-Fi connection as a supplicant. For Wi-Fi connection, there are WPA/WPA2/WPA3 Enterprise depending on the type of Wi-Fi wireless encryption.
IEEE802.1X authentication methods
The Canon Inkjet printer supports three types of authentication.
-
EAP-TLS
The printer and authentication server authenticate each other using their certificates. The printer uses a CA certificate for server authentication. Authentication of the printer (client) by the server requires key and client certificates issued by a certificate authority. At the time of factory shipment, a client certificate is not installed in the printer.
-
EAP-TTLS
Authentication method which uses a user name and password for printer authentication, and a CA certificate for server authentication. Select MSCHAPv2 or PAP as the authentication protocol.
-
PEAP
Setting requirements are almost the same as those with TTLS, with MSCHAPv2 being used as the internal protocol.