When you want to use IEEE 802.1X port-based authentication for your PRISMAsync Print Server printer, you need to configure IEEE 802.1X on the following devices.
Supplicant (PRISMAsync Print Server): The client that requests access to the Local Area Network (LAN) and responds to IEEE 802.1X requests from the authenticator (switch).
Authentication server (Network Policy Server (NPS)): Network Policy Server (NPS) is a service included in Windows Server. Its acts as RADIUS server to authenticate clients against Active Directory. The RADIUS server informs the authenticator (switch) that the supplicant is authorized to access the Local Area Network (LAN).
Authenticator (switch): The switch controls the physical access to the Local Area Network (LAN) based on the authentication status the RADIUS server has reported.
It is important that you perform the IEEE 802.1X configuration procedures in the order they are listed below.
Configure IEEE 802.1X on the authentication server (phase 1)
Configure Network Policy Server (NPS) to support RADIUS clients.
Check if the current RADIUS client (switch) properties are correct.
Add the switch as a RADIUS client to Network Policy Server (NPS).
Check the [Ethernet] Connection Request Policy.
Add the [Ethernet] Connection Request Policy.
NOTE
Windows Server 2016 and Windows Server 2012 R2 support RADIUS server platforms. PRISMAsync Print Server supports Windows Server 2016.
NOTE
For complete instructions how to configure Windows Server 2016, see the vendor documentation of the server.
NOTE
The configuration of IEEE 802.1X on the authentication server occurs in two steps (phase 1 and phase 2).
Configure IEEE 802.1X on the authenticator (switch)
Set up IEEE 802.1X on the switch.
Configure the port that controls the IEEE 802.1X connection to printer.
Enable communication with the RADIUS server.
Enable logging of events.
NOTE
For complete instructions to configure the switch, see the vendor documentation of the switch.
Import the Identity certificate of the RADIUS server.
Check if the current PRISMAsync Print Server Identity certificate is valid for IEEE 802.1X .
Configure IEEE 802.1X on PRISMAsync Print Server and configure one of the following authentication methods.
Configure PEAP with EAP-MS-CHAP-V2.
Configure EAP-TLS with printer name authentication.
Configure EAP-TLS with username authentication.
Configure PEAP with EAP-TLS and printer name authentication.
Configure PEAP with EAP-TLS and username authentication.
Test the [Port-based authentication (IEEE 802.1X)] configuration.
Check the current [Port-based authentication (IEEE 802.1X)] status.
Configure the selected PRISMAsync Print Server authentication method on Active Directory.
NOTE
For complete instructions how to configure Windows Server 2016, see the vendor documentation of the server.
Configure the selected PRISMAsync Print Server authentication method on the authentication server (phase 2).
NOTE
The configuration of IEEE 802.1X on the authentication server occurs in two steps (phase 1 and phase 2).
NOTE
For complete instructions how to configure Windows Server 2016, see the vendor documentation of the server.