Pearl Nexus User Guide
                        
                                                
                                                Configure 802.1x network security and manage user certificates
You can enable 802.1x security and configure the EAP method for the Pearl device to use for secure network access using the Admin panel. Supported EAP methods include:
- PEAP (default)
- EAP-TLS
- EAP-TTLS
Important considerations
- If TLS authentication is used on the network, then you need to get a user certificate and a user private key from the network administrator and upload those to your Pearl device as part of this procedure.
- Before you proceed with this setup, check that the network server's signed CA certificate appears in the list of CA certificates on the Pearl device and is valid, see Manage CA and self-signed certificates.
- If the network server's CA certificate doesn't appear in the list of signed CA certificates and you can't obtain a valid signed CA certificate for network server authentication, do not check Verify server's identity when performing this setup.
- Security certificates must be PEM encoded.
Configure 802.1x and upload the user certificate and user private key using the Admin panel
- Log in to the Admin panel as admin, see Connect to the Admin panel.
- From the Configuration menu, select Network. The Network configuration page opens.
- In the Network Interfaces box under 802.1x, toggle Enabled and select an EAP method: PEAP, EAP-TLS, or EAP-TTLS.
- (Optional) Check Verify server's identity.
- Choose an Authentication method if you selected EAP-TTLS as the EAP method. The authentication method is automatically selected if PEAP or EAP-TLS is the EAP method.
- Enter the network access User name and Password to use for this device. Available fields depend on the EAP method that is selected.
Authentication methods
| EAP method | Authentication method | 
|---|---|
| PEAP | EAP-MSCHAPv2 | 
| EAP-TLS | TLS | 
| EAP-TTLS | EAP-MSCHAPv2 | 
| TLS | |
| PAP | 
- If TLS is chosen as the Authentication method, upload a user certificate and a user private key. You can request those from your network administrator.
- Click Apply when you're done.
- Reboot the Pearl device when prompted. After the system has finished rebooting, log back in to the Admin panel as admin and verify that all changes were applied.
If you need to delete the user certificate or private key, click Delete certificate.
 
                                    