HP ew2500 802.11b/g Print Server manual Default Rule example, IPsec security associations SA

Page 118

Default Rule example

The following illustrates the print server behavior depending on whether the default rule is set to Allow or Drop (default).

IPsec Policy Configuration Example: IPsec is enabled on the print server with the following rule:

All IPv4 Addresses

All Jetdirect Print Services

A simple IPsec template for these addresses and services is configured. If the Default Rule is set to Allow, then:

An IP packet that is not IPsec-protected, but with an IPv4 address directed to printing port 9100 is not processed (dropped) because it violates the configured rule.

An IP packet that is not IPsec-protected, but with an IPv4 address to a service port other than port 9100 (such as Telnet), is allowed and processed.

If the Default Rule is set to Drop, then:

An IP packet that is not IPsec-protected, but with an IPv4 address directed to printing port 9100 is not processed (dropped) because it violates the configured rule.

An IPsec packet with IPv4 address directed to printing port 9100 is allowed and processed because it matches the rule.

A non-IPsec packet with IPv4 address to the Telnet port is dropped because it violates the default rule.

IPsec security associations (SA)

If a packet is IPsec-protected, there must be an IPsec security association (SA) for it. A security association defines how an IP packet from one host to another is protected. Among many things, it defines the IPsec protocol to use, the authentication and encryption keys, and duration of key use.

An IPsec SA is unidirectional. A host can have an inbound SA and an outbound SA associated with particular IP packet protocols and services, and the IPsec protocol used to protect them.

When properly configured, the IPsec rules define the security associations for IP traffic to and from the HP Jetdirect print server and can ensure all traffic is secure.

HP Jetdirect IPsec/Firewall wizard

Use the IPsec/Firewall wizard to create one or more rules to be applied to IP traffic. Click Add Rules to start the IPsec/Firewall wizard.

108

Chapter 5 IPsec/Firewall configuration (V.40.xx)

Image 118
Contents HP Jetdirect Print Servers Page HP Jetdirect Print Servers Copyright Hewlett-Packard Development Company, L.P Trademark CreditsTable of contents HP Embedded Web Server IPsec/Firewall configuration 105 DLC/LLC SnmpHP Jetdirect configuration pages 135 Security features 121Troubleshoot the HP Jetdirect print server 125 Appendix a LPD printing 163 Appendix B FTP printing 173Appendix D Open source licensing statements 188 Appendix C HP Jetdirect control panel menus 177Index 191 Introducing the HP Jetdirect print server Supported print serversSupported network protocols 2Supported network protocolsSecurity protocols AuthenticationEAP/802.1X port-based authentication Snmp IP and IPXWireless print server authentication IPsec/FirewallSupplied manuals Firmware upgradesFirmware installation tools HP supportProduct registration Product accessibilityHP support by phone HP Web Jetadmin see HP Web Jetadmin on HP software solutions summary1Software Solutions Operating Environment Function RemarksOperating Environment Function HP Web Jetadmin HP Jetdirect Printer Installer for UnixSystem requirements Install HP Web Jetadmin software Verify HP Web Jetadmin installation and provide access Configure and modify a deviceRemove HP Web Jetadmin software Internet Printer Connection softwareSoftware tools Mac OS network installationNovell-supplied software Windows XP/Server 2003 or 2008 integrated softwareUse Bonjour Mac OS X Open System Preferences, and then open Print & FaxVerify network configuration Test the configurationIPv6 configuration TCP/IP configurationIPv6 address introduction Link-local address IPv6 address configurationStateless addresses Stateful addresses Use DNSServer-based and manual TCP/IP configuration IPv4 IPv4 configurationTools and utilities Default IP address is not assigned Default IP address IPv4Default IP address is assigned Default IPv4 parameter Default IP on wireless and wired print serversDefault IPv4 address configuration options Dhcp requests enable/disableDefault IPv4 behavior TCP/IP configuration toolsAdvantages of using BOOTP/TFTP Use BOOTP/TFTP IPv4Configure the print server using BOOTP/TFTP on Unix Configure the Bootp server Systems using network information service NISBootptab file entries IPv4 1Tags supported in a BOOTP/DHCP boot file RFC Description OptionTftp configuration file entries IPv4 Example HP Jetdirect Tftp configuration file 2TFTP configuration file parametersGeneral TCP/IP Main TCP/IP Print Options Ipp-printing or ipp-config,ipp Printing or 9100-configFtp-printing or ftp-config,ftp Lpd-printing or lpd-config,lpdTCP/IP Other Settings TCP/IP Access ControlTCP/IP Raw Print Ports Syslog-facility Slp-configBonjour-config Slp-keep-aliveCold-reset Idle-timeoutUser-timeout or telnet-timeout Icmp-ts-configDefault-ip-dhcp Telnet-config or telnetDefault-ip Snmp-configGet-cmnty-name or get-community-name Auth-trap or authentication-trapIpx-config or ipx/spx Set-cmnty-name or set-community-nameOther Settings AppleTalkUsb-mode UpgradeUpgrade Tftp server IP Version Product Number Filename Usb-speedUnix systems Use Dhcp IPv4Support Windows systems Windows Server 2003 and ServerDiscontinue Dhcp configuration Use Rarp IPv4 Laserjet1Use the arp and ping commands IPv4 Arp -s IP address LAN hardware address Ping IP addressUse Telnet IPv4 Create a Telnet connectionTypical Telnet session Route add Jetdirect IP Address system IP AddressCommandDescription User Control Commands Telnet command line interface default3Telnet Commands and Parameters Telnet user interface optionsWireless 802.11 Main Svr-auth-user Auth-typeServer-auth Svr-auth-passWireless Diagnostics Host-name Ipsec-config Firewall-config00a0f8387af7 SpecifiedHpnp/printer1.cfg Tftp ServerTftp Filename Domain-name support.hp.comIpp-printing PrintingFtp-printing Lpd-printingTCP/IP LPD Queues TCP/IP OtherTo 1440 Enable Syslog-svrBonjour Domain Name Ftp-downloadGw-disable User-timeoutEws-config For more information, see HP Embedded Web Server V.40.xx onTCP/IP Diagnostics Snmp Traps Address Ipx-configIpx-unitname Ipx-modeOther Ws-discovery-conf Upgrade LaaXml-services-conf 1000t-ms-confNetwork-select Web JetAdmin Name Job-timeoutWeb JetAdmin URL Menu Interface1Example Using the Menu Interface Use Telnet to remove an IP addressUse the printer control panel Use the HP Embedded Web ServerMove to another network IPv4 Page HP Embedded Web Server View the HP Embedded Web Server Supported HP Web Jetadmin versionRequirements Compatible Web browsersPage Operating notes HP Jetdirect Home tab1HP Jetdirect Home Page Items Networking tab Device tabsDiagnostics section WirelessConfiguration section 2Networking Menu Items3Wireless configuration parameters WEP Personal WEP Enterprise WPA Personal Restore DefaultsWPA Enterprise Summary tab TCP/IP Settings4TCP/IP Summary tab Network Identification tab 5TCP/IP Network Identification tabTCP/IPv4 tab 6TCP/IPv4 tabTCP/IPv6 tab 7TCP/IPv6 tabConfig Precedence tab 8TCP/IP Config Precedence tabAdvanced tab 9TCP/IP Advanced tabDisable Manual SettingsProxy Server Password Default IPNetwork Settings 10IPX/SPX tab settings 11AppleTalk tab settings AppleTalk12SNMP tab settings Misc. Settings Other Settings13Miscellaneous Settings Web Services Print HP XML ServicesCertificate Mgmt Service Link settingsFirmware Upgrade LPD QueuesPrepend String Name 14LPD Queues tab settingsQueue Name Append String NameString Name Default Queue NameQueue Type ValueSupport Info USB Settings15USB Settings tab Refresh RateStatus Security SettingsSelect Language Wizard16Wizard Security Levels Security Level Description Basic SecurityRecommended Restore DefaultsSecurity Level Description Enhanced Security Custom SecurityPrinter Password Synchronization AuthorizationAdmin. Account CertificatesConfigure certificates 17Certificate configuration screensCertificate Information Install CertificateCertificate Validity Period Import Certificate and Private KeyExamples Install Certificate or Install CA Certificate screensDomain Name myprinter.mydepartment.mycompany.com Access Control IP Address Mask DescriptionWeb Mgmt Mgmt. ProtocolsSnmp Other Enable Print ProtocolsEnable Print Services 18Other protocolsSLP, might be disabled without notification 802.1X AuthenticationEnable Device Discovery Naming Resolution19802.1X configuration settings Assessment Other Links IPsec/Firewall configuration 1Firewall Policy 1IPsec/Firewall Policy IPsec security associations SA Default Rule exampleAll IPv4 Addresses All Jetdirect Print Services HP Jetdirect IPsec/Firewall wizard2Limitations to rules, templates and services Limitations to rules, templates and servicesLimit Specify Address Template Create Address Template4Create Service Template Specify Service TemplateCreate Service Template 3Create Address Template5Manage Services Manage ServicesManage Custom Services 6Manage Custom ServicesSpecify Action Specify IPsec/Firewall TemplateCreate IPsec Template Identity Authentication7Create IPsec Template Certificates 8Identity AuthenticationKerberos Certificates on10Kerberos Settings Kerberos Settings9Kerberos IKEv1/IKEv2 Phase 2 / Quick Mode IPsec Protocols IKEv1/IKEv2 Phase 1 Authentication11IKEv1/IKEv2 Phase 1 Authentication 12IKEv1/IKEv2 Phase 2 / Quick Mode Settings IPsec Protocols Advanced IKE Settings13Advanced IKE Settings 14IPsec Protocols Manual Keys IPsec Protocols Manual KeysManual Keys 15Manual KeysConfigure Windows systems Rule SummarySecurity features 1Summary of HP Jetdirect security featuresTelnet Control Authentication and EncryptionHP Web Jetadmin IPv4 Password and Profiles IPv4/IPv6 Snmp v1/v2c Set Community Name IP/IPXLimit access to security features 2Settings for Access ControlMedium Settings Level of Access ControlHigh Reset to factory defaults Troubleshoot the HP Jetdirect print serverDisable an HP Jetdirect embedded print server Example Cold reset using the service menuGeneral troubleshooting Troubleshooting chart assess the problemProcedure 1 Verify the printer is on and online Procedure 2 Print an HP Jetdirect configurationProcedure 3 Resolve printer display error messages Procedure 4 Resolve printer network communication problems Telnet IP address port Unable to communicate during initial setup Troubleshooting wireless print serversUnable to communicate after initial setup My configured channel does not match the configuration Firmware download failure SymptomsImproving reception and performance Corrective actionsHP Jetdirect configuration HP Jetdirect configuration pagesStatus field error messages HP Jetdirect Configuration or General Information Configuration page format1Configuration Page Sections Section Name2HP Jetdirect Configuration/General Information Configuration page messagesHP Jetdirect Configuration/General Information MessageDescriptionUSB printer information Message Description4802.11 Wireless settings Wireless settingsUSB Speed Status/Error Messages Network Name SsidAuthentication Type Signal StrengthAccess Point / Bssid SSL IssuerSecurity Settings Snmp Versions Access ListSecure Web Configuration Snmp Set Cmty NameNetwork Statistics TCP/IP configuration informationTCP/IP protocol information IPv4 section IPv4 SectionBootp Server Default GatewayConfig by Rarp Server BOOTP/DHCP ServerIPv6 section IPX/SPX protocol informationIPv6 Section 10 IPX/SPX configuration information Novell/NetWare parametersAppleTalk protocol information 11 Novell/NetWare configuration information12 AppleTalk configuration information CN=ljpserver.OU=support.OU=mycity.OU=mycompany14Error messages Error messages13 DLC/LLC configuration information DLC/LLC protocol informationError Code and Message Description Configuration Error Network Reconfig MustReboot Disconnected Not ConfiguredDisconnecting SPX Unable to LoginUnable to SET Password TimeoutDirected to the print server 4F Tftp Remote Error Novram Error4D CF ERR Access List 3C NDS ERR Unresolved QueueBAD Bootp TAG Size Tftp Local ErrorBAD BOOTP/DHCP Reply BOOTP/RARP in ProgressHP Jetdirect Security 2HP Jetdirect Security 15General InformationCurrent IPsec status Local IP addresses IPsec Error LogIPsec Statistics 17IPsec statistics IKE StatsIPsec Rules 18IKE Statistics19IPsec Security Associations Available Network ServicesIPsec Security Associations SA table SRCTable A-1LPD programs and protocols LPD printingAbout LPD Program Name Purpose of ProgramSet up IP parameters Requirements for configuring LPDLPD setup overview Set up print queuesLPD on Unix systems Configure print queues for BSD-based systemsPrint a test file Table A-2Supported queue typesUse SAM to configure print queues HP-UX systems Print a test file Examples myprinter or printer1Install TCP/IP software LPD on Windows Server 2003/2008 systemsAdd LPR compatible printer window Print from Windows clients Verify the configurationLPD on Windows XP systems Add Windows optional networking componentsCreate an LPR port for an installed printer Configure a network LPD printerAdd a new LPD printer Page Use FTP printing FTP printingPrint files FTP connectionsFTP login Data connectionCommand Description CommandsTable B-1User commands for HP Jetdirect FTP server End the FTP sessionExample FTP Session PORT1Graphical control panel menus HP Jetdirect control panel menusHP Jetdirect EIO Menu on Graphical Control Panel Table C-1HP Jetdirect EIO Menu on Graphical Control Panel Secondary DNS IPv6 Settings EnablePrimary DNS AddressProxy Port AppleTalk EnableProxy Server Frame TypeLogin Security Keep Reset Assessment Disable Reset SecurityEnable Wipe IPsec or FirewallHttp Test Diagnostics Embedded TestsLAN HW Test Snmp TestPing Test TimeoutExecute Dest TypeRefresh RTT AveragePing in Progress Link SpeedHP Jetdirect EIO Menu on Classic Control Panel Classic control panel EIO menusMenu Item Description CFG IPX/SPX Table C-2HP Jetdirect EIO Menu on Classic Control PanelMenu Item WEBCode Verification IpsecFirewall PrintOpenSSL Open source licensing statementsGSOAP OpenSSL licenseOriginal SSLeay license Page Index TypeSee also Gateway Babble Port Select WEP Hewlett-Packard Development Company, L.P
Related manuals
Manual 58 pages 63.63 Kb

ew2500 802.11b/g Print Server specifications

The HP ew2500 802.11b/g Print Server is a versatile printing solution designed to streamline the printing process within a wireless network environment. Specifically geared towards small to medium-sized offices, this print server provides seamless integration for various printers and enhances accessibility across multiple devices.

One of the main features of the HP ew2500 is its adherence to the 802.11b/g wireless standards, offering high-speed wireless connectivity with a maximum data rate of up to 54 Mbps. This ensures efficient data transmission, allowing users to print from anywhere within the wireless range without the hassle of tangled cables or limited port access. The print server supports both infrastructure and ad-hoc wireless networking modes, making it flexible for diverse networking environments.

Another notable characteristic of the ew2500 is its compatibility with various printer types, including inkjet, laser, and all-in-one printers. This compatibility is essential for organizations that utilize different printer brands and models, facilitating a centralized printing solution. Additionally, the server is equipped with an Ethernet port, providing the option for wired connectivity, which can be beneficial for situations where wireless performance might be compromised.

The HP ew2500 is designed with user-friendly features. The easy setup process allows users to configure the server using a straightforward web interface, which can be accessed from any network-enabled device. This simplicity reduces the time required for installation and eliminates the need for extensive technical knowledge.

Security is another critical aspect of the HP ew2500's functionality. The print server supports robust encryption protocols, including WEP and WPA, ensuring that data transmitted over the network remains secure from unauthorized access. This feature is particularly important in office environments where sensitive information may be printed frequently.

Overall, the HP ew2500 802.11b/g Print Server is an efficient and reliable solution for enabling wireless printing capabilities in a business setting. Its combination of high-speed wireless connectivity, broad printer compatibility, user-friendly setup, and essential security features makes it an excellent choice for organizations looking to enhance their printing infrastructure. Whether in an office or a home environment, the ew2500 provides the functionality and convenience necessary to meet modern printing demands efficiently.