HP 640n Print Server manual 18802.1X configuration settings

Page 111

The supported 802.1X authentication protocols and associated configuration depend on the print server model and firmware version. Available configuration settings are listed in Table 4-18 802.1X configuration settings on page 101.

Table 4-18802.1X configuration settings

Item

Description

 

 

Enable Protocols

Enable (check) the supported protocols used for 802.1X authentication on your network.

 

PEAP Uses digital certificates for network server authentication and passwords for

 

client authentication. PEAP requires an EAP User Name, EAP Password, and CA

 

Certificate. Dynamic encryption keys are also used.

 

EAP-TLSUses a mutual authentication protocol based on digital certificates for

 

authentication of both the client and the network authentication server. EAP-TLS

 

requires an EAP User Name, HP Jetdirect certificate and CA certificate. Dynamic

 

encryption keys are also used.

 

 

User Name

EAP/802.1X user name (up to 128 characters maximum) for this device. The default is

 

the default host name of the print server, NPIxxxxxx, where xxxxxx are the last six digits

 

of the LAN hardware (MAC) address. You can also use DOMAIN\username, where

 

DOMAIN is the Microsoft Windows NT 4 style DOMAIN name, username@domain, or

 

username.

 

 

Password, Confirm Password

EAP/802.1X password (up to 128 characters maximum) for this device. Enter the

 

password again in the Confirm Password field to verify.

 

 

Server ID

Server ID validation string to identify and validate the authentication server. The string is

 

specified on the digital certificate issued by a trusted certificate authority (CA) for the

 

authentication server. Can contain a partial string (right-most characters) unless the

 

Require Exact Match check box is selected.

 

 

Encryption Strength

Minimum encryption strength used during communication with the authentication server.

 

Select Low, Medium, or High encryption strength. For each encryption strength,

 

ciphers are specified to identify the weakest cipher allowed.

 

 

Jetdirect Ceritificate

A self-signed HP Jetdirect certificate is pre-installed. To install a replacement, click

 

Configure.

 

 

CA Certificate

To validate the authentication server's identity, the authentication server's certificate or a

 

CA (or “Root”) certificate must be installed on the print server. This CA certificate must

 

be issued by the certificate authority who signed the authentication server's certificate.

 

To configure or install a CA certificate, click Configure.

 

 

On Authentication Failure

By default, an invalid 802.1x configuration causes the print server to lose network

 

connectivity. This typically requires physical access to the printer/MFP to perform a

 

manual 802.1x reset from the control panel.

 

To allow network connectivity after an authentication failure (set the switch port to

 

unsecure), select Connect anyway (802.1x Fail-over).

 

To retain the default behavior during an authentication failure (block network access),

 

select Block network (secure failure).

 

 

ENWW

Networking tab 101

Image 111
Contents HP Jetdirect Print Servers Page HP Jetdirect Print Servers Trademark Credits Table of contents Mac OS network installation IPX/SPX 105 121125 165 139211 175179 193Supported print servers Introducing the HP Jetdirect print server2Supported network protocols Supported network protocolsSnmp IP and IPX AuthenticationEAP/802.1X port-based authentication Security protocolsWireless print server authentication Supplied manualsIPsec/Firewall HP online support Firmware upgradesFirmware installation tools HP supportProduct registration Product accessibility1Software Solutions HP Web Jetadmin see HP Web Jetadmin onOperating Environment Function Remarks HP software solutions summary HP Jetdirect Printer Installer for Unix HP Web JetadminSystem requirements Verify HP Web Jetadmin installation and provide access Install HP Web Jetadmin softwareConfigure and modify a device Remove HP Web Jetadmin softwareHttp// IPaddress /ipp/port# Microsoft-supplied softwareUse Bonjour Mac OS X Mac OS network installationNovell-supplied software Software toolsTest the configuration Verify network configurationEnww IPv6 address introduction IPv6 configurationLink-local address IPv6 address configurationStateless addresses Stateful addressesUse DNS IPv4 configuration Server-based and manual TCP/IP configuration IPv4Tools and utilities Default IP address IPv4 Default IP address is not assignedDefault IP address is assigned Dhcp requests enable/disable Default IP on wireless and wired print serversDefault IPv4 address configuration options Default IPv4 parameterTCP/IP configuration tools Default IPv4 behaviorUse BOOTP/TFTP IPv4 Advantages of using BOOTP/TFTPConfigure the print server using BOOTP/TFTP on Unix Systems using network information service NIS Configure the Bootp serverBootptab file entries IPv4 RFC Description 1Tags supported in a BOOTP/DHCP boot fileTftp configuration file entries IPv4 2TFTP configuration file parameters Example HP Jetdirect Tftp configuration fileGeneral TCP/IP Main TCP/IP Print Options Defaultq Ftp-printing or ftp-config,ftpIpp-printing or ipp-config,ipp Lpd-printing or lpd-config,lpdTCP/IP Access Control TCP/IP Other SettingsTCP/IP Raw Print Ports Syslog-protocol Bonjour-configSlp-keep-alive Slp-client-modeIcmp-ts-config Idle-timeoutUser-timeout or telnet-timeout Cold-resetAuth-trap or authentication-trap Default-ipDefault-ip-dhcp Snmp-configIpx-unit-name Ipx-config or ipx/spxTrap-dest or trap-destination Trap-dest ip-address community name port numberAppleTalk Other SettingsUse Dhcp IPv4 Unix systemsSupport Discontinue Dhcp configuration Use Rarp IPv4Microsoft Windows systems Laserjet1 Use the arp and ping commands IPv4Arp -s IP address LAN hardware address Ping IP address Use Telnet IPv4Typical Telnet session Create a Telnet connectionTelnet user interface options Telnet command line interface defaultCommand Description User Control Commands 3Telnet Commands and ParametersWireless 802.11 Main Desired-ssid Passphrase commandAmpdu Aggregation Network-typeWep-key-method Dot11-switch-timePsk-passphrase EncryptionHost-name Wireless DiagnosticsRoam-threshold 00a0f8387af7Hpnp/printer1.cfg Ipsec-config Firewall-configTftp Server Tftp FilenamePri-wins-svr Domain-name support.hp.comPrinter1.support.hp.com Pri-dns-svrTCP/IP LPD Queues Allow TCP/IP OtherSyslog-svr Bonjour Domain Name To 1440 EnableFtp-download User-timeoutEws-config Gw-disableTcp-mss TCP/IP Diagnostics Snmp Traps Ipx-banner PhaseIpx-mode Pjl-bannerOther 1000t-ms-conf 1000t-pause-confNetwork-select Support-contact Web JetAdmin URLWeb JetAdmin Name Menu InterfaceUse Telnet to remove an IP address 1Example Using the Menu InterfaceUse the HP Embedded Web Server Use the printer control panelMove to another network IPv4 Enww HP Embedded Web Server V .xx.nn.xx Compatible Web browsers Supported HP Web Jetadmin versionRequirements View the HP Embedded Web ServerView the HP Embedded Web Server HP Jetdirect Home tab Operating notes1HP Jetdirect Home Page Items Device tabs Networking tab2Networking Menu Items Wireless StationConfiguration section Diagnostics section3Wireless Station configuration parameters Channel Network Name SsidRefresh Ad Hoc Network peer-to-peerWEP Enterprise WPA WiFi Protected Access WPA-PersonalHpSecureNetwork WPA-Enterprise Restore DefaultsTCP/IP Settings Summary tab4TCP/IP Summary tab 5TCP/IP Network Identification tab Network Identification tab6TCP/IPv4 tab TCP/IPv4 tab7TCP/IPv6 tab TCP/IPv6 tab8TCP/IP Config Precedence tab Config Precedence tab9TCP/IP Advanced tab Advanced tabManually Configured Proxy Server PasswordDisable Default IP10IPX/SPX tab settings Network SettingsAppleTalk Type 11AppleTalk tab settingsAppleTalk Enable AppleTalk Name12SNMP tab settings Other Settings Misc. Settings13Miscellaneous Settings Locally Administered Address Certificate Mgmt ServiceWeb Services Print Link settingsBonjour Highest Priority Firmware UpgradeService LPD QueuesAppend String Name 14LPD Queues tab settingsQueue Name Prepend String NameString Name Default Queue NameQueue Type Raw or textSelect Language Security SettingsSecurity Level Description Basic Security 15Wizard Security LevelsCustom Security Restore DefaultsSecurity Level Description Enhanced Security RecommendedCertificates AuthorizationAdmin. Account Printer Password Synchronization16Certificate configuration screens Configure certificatesCertificate Information Install CertificateCertificate Validity Period Encryption Key LengthInstall Certificate or Install CA Certificate screens ExamplesDomain Name myprinter.mydepartment.mycompany.com Examples Access ControlMgmt. Protocols Web MgmtSnmp 17Other protocols Enable Print ProtocolsEnable Print Services OtherNaming Resolution 802.1X AuthenticationEnable Device Discovery Might be disabled without notification18802.1X configuration settings Device Announcement Agent Other Links Enww IPsec/Firewall configuration V .xx.nn.xx 1Firewall Policy 1IPsec/Firewall Policy HP Jetdirect IPsec/Firewall wizard Default Rule exampleAll IPv4 Addresses All Jetdirect Print Services IPsec security associations SALimitations to rules, templates and services 2Limitations to rules, templates and servicesLimit Create Address Template Specify Address Template3Create Address Template Specify Service TemplateCreate Service Template 4Create Service Template6Manage Custom Services Manage ServicesManage Custom Services 5Manage ServicesSpecify IPsec/Firewall Template Specify ActionIdentity Authentication Create IPsec Template7Create IPsec Template Certificates on 8Identity AuthenticationKerberos CertificatesKerberos Settings 10Kerberos Settings9Kerberos IKEv1/IKEv2 Phase 1 Authentication IKEv1/IKEv2 Phase 2 / Quick Mode IPsec Protocols11IKEv1/IKEv2 Phase 1 Authentication IPsec Protocols Manual Keys Advanced IKE Settings12IKEv1/IKEv2 Phase 2 / Quick Mode Settings IPsec Protocols 13Advanced IKE SettingsValue for an SA to use for packets received by the device Manual Keys14IPsec Protocols Manual Keys 15Manual KeysKey Format Configure Microsoft Windows systemsAuthentication Rule SummaryIPsec/Firewall 1Summary of HP Jetdirect security featuresIP Administrator Password Secure Embedded Web Server ManagementIPv4/IPv6 Snmp v1/v2c Set Community Name IP/IPX IPv4 Access Control ListAuthentication and Encryption Telnet ControlHP Web Jetadmin IPv4 Password and Profiles Configuration Precedence TablePrinter Control Panel Lock High Limit access to security features2Settings for Access Control MediumTroubleshoot the HP Jetdirect print server Example Cold reset using the service menu Reset to factory defaultsReset to factory defaults Disable an HP Jetdirect embedded print server V .xx.nn.xx Troubleshooting chart assess the problem General troubleshootingProcedure 2 Print an HP Jetdirect configuration Procedure 1 Verify the printer is on and onlineProcedure 3 Resolve printer display error messages Procedure 4 Resolve printer network communication problems Telnet IP address port Enww Troubleshooting wireless print servers Unable to communicate during initial setupUnable to communicate after initial setup My configured channel does not match the configuration Corrective actions SymptomsImproving reception and performance Firmware download failureEnww HP Jetdirect configuration pages 1Configuration Page Sections HP Jetdirect configurationStatus field error messages Configuration page formatMessageDescription Configuration page messagesHP Jetdirect Configuration/General Information 2HP Jetdirect Configuration/General InformationMessage Description Wireless station settings3802.11 Wireless station settings Security Settings Cert Expires Admin PasswordIPsec FirewallBAD Packets Received Network StatisticsTotal Packets Received Unicast Packets ReceivedTCP/IP configuration information TCP/IP protocol informationIPv4 section Subnet Mask Default GatewayConfig by IP AddressIPv4 Section IPv6 sectionIPX/SPX configuration information IPX/SPX protocol informationIPv6 Section Novell/NetWare parameters AppleTalk protocol informationCN=ljpserver.OU=support.OU=mycity.OU=mycompany DLC/LLC protocol information Error messages11 AppleTalk configuration information 12 DLC/LLC configuration informationError Code and Message Description 13Error messagesReboot Disconnected LAN Error Retry FaultsLAN Error no Linkbeat Network Reconfig MustTimeout Unable to LoginUnable to SET Password Disconnecting SPXError NDS PS Printer List Error 2B NDS ERR Unable to Login2C NDS Authentication ErrorTftp Local Error Novram Error4D CF ERR Access List 4F Tftp Remote ErrorBOOTP/DHCP in Progress BAD BOOTP/DHCP ReplyBAD Bootp TAG Size BOOTP/RARP in ProgressTrying to Connect to Dhcp Lease TimersAdjusted HP Jetdirect Security14General Information 2HP Jetdirect SecurityCurrent IPsec status IPsec Error Log Local IP addressesIPsec Statistics 17IKE Statistics IKE StatsIPsec Rules 16IPsec statisticsSRC Available Network ServicesIPsec Security Associations SA table 18IPsec Security AssociationsLPD printing Purpose of Program Requirements for configuring LPDAbout LPD Table A-1LPD programs and protocolsPrint a test file LPD setup overviewSet up IP parameters Set up print queuesLPD on Unix systems Configure print queues for BSD-based systemsExample jetdirect1 Use SAM to configure print queues HP-UX systemsPrint a test file LPD on Microsoft Windows Server 2003/2008 systemsInstall TCP/IP software Add LPR compatible printer window Verify the configurationAdd Microsoft Windows optional networking components Configure a network LPD printerLPD on Microsoft Windows XP systems Print from Microsoft Windows clientsClick Start, Printers and Faxes Create an LPR port for an installed printerControl connection Print filesUse FTP printing FTP connectionsData connection FTP loginEnd the FTP session CommandsTable B-1User commands for HP Jetdirect FTP server Command DescriptionPORT1 Example FTP SessionHP Jetdirect control panel menus V .xx.nn.xx Ssid Graphical control panel menusTable C-1HP Jetdirect EIO Menu on Graphical Control Panel Menu item Sub-menu item Values and DescriptionIPv4 Settings Config Method Configure Keys Transmit KeyReset EnableDhcp Renew Manual SettingsDefault IP IPv6 Settings EnableFrame Type DHCPv6 PolicyProxy Server Proxy PortIPsec or Firewall AppleTalk EnableReset Security Security Print SecHttp Test Enable WipeCode Verification LAN HW TestSelect All Tests TimeoutSnmp Test Data Path TestPercent Lost Ping ResultsPackets Sent Packets ReceivedPrint Protocols Link SpeedCFG Network Classic control panel EIO menusTable C-2HP Jetdirect EIO Menu on Classic Control Panel Menu Item DescriptionMenu Item CFG IPX/SPXWEB Code Verification SecurityIpsec FirewallEnww GSOAP Open source licensing statementsExpat XML Parser Copyright and Permission Notice CURLGNU General Public License GNU General Public LicenseGNU General Public License Enww No Warranty END of Terms and Conditions GNU Lesser General Public License GNU Lesser General Public LicenseEnww Enww Enww Enww Enww GNU Lesser General Public License OpenSSL OpenSSL licenseOriginal SSLeay license OpenSSL Appendix D Open source licensing statements Index See also Gateway NDS Novram Error Total Packets Rcvd Enww Page  Hewlett-Packard Development Company, L.P
Related manuals
Manual 56 pages 58.74 Kb