HP 640n Print Server manual Identity Authentication, 7Create IPsec Template

Page 124

Create IPsec Template

Use this page to create an IPsec template and to specify how security associations (SAs) are created (manually or dynamically). To create an IPsec template, use the following steps:

1.Enter a unique name for the template.

2.Select an authentication type. See the item descriptions in the following table.

3.Click Next.

NOTE: The subsequent configuration pages depend on your authentication type selection (Internet Key Exchange or Manual Keys).

Table 5-7Create IPsec Template page

Item	Description

IPsec Template Name	Custom IPsec template name. This name is added to the Specify IPsec Template
	page.
	NOTE: The IPsec template name must be unique.

Authentication Type	Select the authentication type. Hosts specified in the Address template must negotiate
	IPsec security settings during a session. During negotiation, authentication must occur
	to validate sender/receiver identities.
	● Internet Key Exchange (default) Use Internet key exchange (IKE) protocols for
	authentication and encryption and to create security associations.
	◦	Version Select the IKE version (IKEv1 or IKEv2).
	◦	Set IKE Defaults Select a default security profile for IKE operation. Several
		predefined profiles are provided. To configure a custom security profile,
		select the Specify Custom Profile option.
	◦	Preview IKE Defaults View the settings for a selected IKE default security
		profile.

If you select IKE for authentication and a default security profile, click Next to display the Identity Authentication page.

●Manual Keys Configure IPsec authentication/encryption protocols and keys manually. Click Next to display the IPsec Protocols page.

Identity Authentication

Use this page to choose an identity authentication method:

●Pre-Shared Key

●Certificates

●Kerberos

Identity Authentication page items are described in the following table.

114 Chapter 5 IPsec/Firewall configuration (V.45.xx.nn.xx)

ENWW

Image 124

Contents HP Jetdirect Print Servers Page HP Jetdirect Print Servers Trademark Credits Table of contents Mac OS network installation IPX/SPX 121 105125 139 165175 179193 211Introducing the HP Jetdirect print server Supported print serversSupported network protocols 2Supported network protocolsAuthentication EAP/802.1X port-based authenticationSecurity protocols Snmp IP and IPXSupplied manuals Wireless print server authenticationIPsec/Firewall Firmware upgrades Firmware installation toolsHP support HP online supportProduct accessibility Product registrationHP Web Jetadmin see HP Web Jetadmin on 1Software SolutionsOperating Environment Function Remarks HP software solutions summary HP Web Jetadmin HP Jetdirect Printer Installer for UnixSystem requirements Install HP Web Jetadmin software Configure and modify a deviceRemove HP Web Jetadmin software Verify HP Web Jetadmin installation and provide accessMicrosoft-supplied software Http// IPaddress /ipp/port#Mac OS network installation Novell-supplied softwareSoftware tools Use Bonjour Mac OS XVerify network configuration Test the configurationEnww IPv6 configuration IPv6 address introductionIPv6 address configuration Link-local addressStateful addresses Stateless addressesUse DNS Server-based and manual TCP/IP configuration IPv4 IPv4 configurationTools and utilities Default IP address is not assigned Default IP address IPv4Default IP address is assigned Default IP on wireless and wired print servers Default IPv4 address configuration optionsDefault IPv4 parameter Dhcp requests enable/disableDefault IPv4 behavior TCP/IP configuration toolsAdvantages of using BOOTP/TFTP Use BOOTP/TFTP IPv4Configure the print server using BOOTP/TFTP on Unix Configure the Bootp server Systems using network information service NISBootptab file entries IPv4 1Tags supported in a BOOTP/DHCP boot file RFC DescriptionTftp configuration file entries IPv4 Example HP Jetdirect Tftp configuration file 2TFTP configuration file parametersGeneral TCP/IP Main TCP/IP Print Options Ftp-printing or ftp-config,ftp Ipp-printing or ipp-config,ippLpd-printing or lpd-config,lpd DefaultqTCP/IP Other Settings TCP/IP Access ControlTCP/IP Raw Print Ports Bonjour-config Slp-keep-aliveSlp-client-mode Syslog-protocolIdle-timeout User-timeout or telnet-timeoutCold-reset Icmp-ts-configDefault-ip Default-ip-dhcpSnmp-config Auth-trap or authentication-trapIpx-config or ipx/spx Trap-dest or trap-destinationTrap-dest ip-address community name port number Ipx-unit-nameOther Settings AppleTalkUnix systems Use Dhcp IPv4Support Use Rarp IPv4 Discontinue Dhcp configurationMicrosoft Windows systems Use the arp and ping commands IPv4 Laserjet1Use Telnet IPv4 Arp -s IP address LAN hardware address Ping IP addressCreate a Telnet connection Typical Telnet sessionTelnet command line interface default Telnet user interface options3Telnet Commands and Parameters Command Description User Control CommandsWireless 802.11 Main Passphrase command Ampdu AggregationNetwork-type Desired-ssidDot11-switch-time Psk-passphraseEncryption Wep-key-methodWireless Diagnostics Roam-threshold00a0f8387af7 Host-nameIpsec-config Firewall-config Tftp ServerTftp Filename Hpnp/printer1.cfgDomain-name support.hp.com Printer1.support.hp.comPri-dns-svr Pri-wins-svrTCP/IP LPD Queues TCP/IP Other AllowSyslog-svr To 1440 Enable Bonjour Domain NameUser-timeout Ftp-downloadGw-disable Ews-configTcp-mss TCP/IP Diagnostics Snmp Traps Phase Ipx-modePjl-banner Ipx-bannerOther 1000t-pause-conf 1000t-ms-confNetwork-select Web JetAdmin URL Web JetAdmin NameMenu Interface Support-contact1Example Using the Menu Interface Use Telnet to remove an IP addressUse the printer control panel Use the HP Embedded Web ServerMove to another network IPv4 Enww HP Embedded Web Server V .xx.nn.xx Supported HP Web Jetadmin version RequirementsView the HP Embedded Web Server Compatible Web browsersView the HP Embedded Web Server Operating notes HP Jetdirect Home tab1HP Jetdirect Home Page Items Networking tab Device tabsWireless Station Configuration sectionDiagnostics section 2Networking Menu Items3Wireless Station configuration parameters Network Name Ssid RefreshAd Hoc Network peer-to-peer ChannelWEP Enterprise WPA-Personal WPA WiFi Protected AccessHpSecureNetwork Restore Defaults WPA-EnterpriseSummary tab TCP/IP Settings4TCP/IP Summary tab Network Identification tab 5TCP/IP Network Identification tabTCP/IPv4 tab 6TCP/IPv4 tabTCP/IPv6 tab 7TCP/IPv6 tabConfig Precedence tab 8TCP/IP Config Precedence tabAdvanced tab 9TCP/IP Advanced tabProxy Server Password DisableDefault IP Manually ConfiguredNetwork Settings 10IPX/SPX tab settingsAppleTalk 11AppleTalk tab settings AppleTalk EnableAppleTalk Name Type12SNMP tab settings Misc. Settings Other Settings13Miscellaneous Settings Certificate Mgmt Service Web Services PrintLink settings Locally Administered AddressFirmware Upgrade ServiceLPD Queues Bonjour Highest Priority14LPD Queues tab settings Queue NamePrepend String Name Append String NameDefault Queue Name Queue TypeRaw or text String NameSecurity Settings Select Language15Wizard Security Levels Security Level Description Basic SecurityRestore Defaults Security Level Description Enhanced SecurityRecommended Custom SecurityAuthorization Admin. AccountPrinter Password Synchronization CertificatesConfigure certificates 16Certificate configuration screensInstall Certificate Certificate Validity PeriodEncryption Key Length Certificate InformationExamples Install Certificate or Install CA Certificate screensDomain Name myprinter.mydepartment.mycompany.com Access Control ExamplesWeb Mgmt Mgmt. ProtocolsSnmp Enable Print Protocols Enable Print ServicesOther 17Other protocols802.1X Authentication Enable Device DiscoveryMight be disabled without notification Naming Resolution18802.1X configuration settings Device Announcement Agent Other Links Enww IPsec/Firewall configuration V .xx.nn.xx 1Firewall Policy 1IPsec/Firewall Policy Default Rule example All IPv4 Addresses All Jetdirect Print ServicesIPsec security associations SA HP Jetdirect IPsec/Firewall wizard2Limitations to rules, templates and services Limitations to rules, templates and servicesLimit Specify Address Template Create Address TemplateSpecify Service Template Create Service Template4Create Service Template 3Create Address TemplateManage Services Manage Custom Services5Manage Services 6Manage Custom ServicesSpecify Action Specify IPsec/Firewall TemplateCreate IPsec Template Identity Authentication7Create IPsec Template 8Identity Authentication KerberosCertificates Certificates on10Kerberos Settings Kerberos Settings9Kerberos IKEv1/IKEv2 Phase 2 / Quick Mode IPsec Protocols IKEv1/IKEv2 Phase 1 Authentication11IKEv1/IKEv2 Phase 1 Authentication Advanced IKE Settings 12IKEv1/IKEv2 Phase 2 / Quick Mode Settings IPsec Protocols13Advanced IKE Settings IPsec Protocols Manual KeysManual Keys 14IPsec Protocols Manual Keys15Manual Keys Value for an SA to use for packets received by the deviceConfigure Microsoft Windows systems AuthenticationRule Summary Key Format1Summary of HP Jetdirect security features IP Administrator PasswordSecure Embedded Web Server Management IPsec/FirewallIPv4 Access Control List Authentication and EncryptionTelnet Control IPv4/IPv6 Snmp v1/v2c Set Community Name IP/IPXConfiguration Precedence Table HP Web Jetadmin IPv4 Password and ProfilesPrinter Control Panel Lock Limit access to security features 2Settings for Access ControlMedium HighTroubleshoot the HP Jetdirect print server Reset to factory defaults Example Cold reset using the service menuReset to factory defaults Disable an HP Jetdirect embedded print server V .xx.nn.xx General troubleshooting Troubleshooting chart assess the problemProcedure 1 Verify the printer is on and online Procedure 2 Print an HP Jetdirect configurationProcedure 3 Resolve printer display error messages Procedure 4 Resolve printer network communication problems Telnet IP address port Enww Unable to communicate during initial setup Troubleshooting wireless print serversUnable to communicate after initial setup My configured channel does not match the configuration Symptoms Improving reception and performanceFirmware download failure Corrective actionsEnww HP Jetdirect configuration pages HP Jetdirect configuration Status field error messagesConfiguration page format 1Configuration Page SectionsConfiguration page messages HP Jetdirect Configuration/General Information2HP Jetdirect Configuration/General Information MessageDescriptionWireless station settings Message Description3802.11 Wireless station settings Security Settings Admin Password IPsecFirewall Cert ExpiresNetwork Statistics Total Packets ReceivedUnicast Packets Received BAD Packets ReceivedTCP/IP protocol information TCP/IP configuration informationIPv4 section Default Gateway Config byIP Address Subnet MaskIPv6 section IPv4 SectionIPX/SPX protocol information IPX/SPX configuration informationIPv6 Section AppleTalk protocol information Novell/NetWare parametersCN=ljpserver.OU=support.OU=mycity.OU=mycompany Error messages 11 AppleTalk configuration information12 DLC/LLC configuration information DLC/LLC protocol information13Error messages Error Code and Message DescriptionLAN Error Retry Faults LAN Error no LinkbeatNetwork Reconfig Must Reboot DisconnectedUnable to Login Unable to SET PasswordDisconnecting SPX Timeout2B NDS ERR Unable to Login 2C NDS AuthenticationError Error NDS PS Printer List ErrorNovram Error 4D CF ERR Access List4F Tftp Remote Error Tftp Local ErrorBAD BOOTP/DHCP Reply BAD Bootp TAG SizeBOOTP/RARP in Progress BOOTP/DHCP in ProgressDhcp Lease Timers AdjustedHP Jetdirect Security Trying to Connect to2HP Jetdirect Security 14General InformationCurrent IPsec status Local IP addresses IPsec Error LogIPsec Statistics IKE Stats IPsec Rules16IPsec statistics 17IKE StatisticsAvailable Network Services IPsec Security Associations SA table18IPsec Security Associations SRCLPD printing Requirements for configuring LPD About LPDTable A-1LPD programs and protocols Purpose of ProgramLPD setup overview Set up IP parametersSet up print queues Print a test fileConfigure print queues for BSD-based systems LPD on Unix systemsUse SAM to configure print queues HP-UX systems Example jetdirect1LPD on Microsoft Windows Server 2003/2008 systems Print a test fileInstall TCP/IP software Verify the configuration Add LPR compatible printer windowConfigure a network LPD printer LPD on Microsoft Windows XP systemsPrint from Microsoft Windows clients Add Microsoft Windows optional networking componentsCreate an LPR port for an installed printer Click Start, Printers and FaxesPrint files Use FTP printingFTP connections Control connectionFTP login Data connectionCommands Table B-1User commands for HP Jetdirect FTP serverCommand Description End the FTP sessionExample FTP Session PORT1HP Jetdirect control panel menus V .xx.nn.xx Graphical control panel menus Table C-1HP Jetdirect EIO Menu on Graphical Control PanelMenu item Sub-menu item Values and Description SsidConfigure Keys Transmit Key ResetEnable IPv4 Settings Config MethodManual Settings Default IPIPv6 Settings Enable Dhcp RenewDHCPv6 Policy Proxy ServerProxy Port Frame TypeAppleTalk Enable Reset SecuritySecurity Print Sec IPsec or FirewallEnable Wipe Code VerificationLAN HW Test Http TestTimeout Snmp TestData Path Test Select All TestsPing Results Packets SentPackets Received Percent LostLink Speed Print ProtocolsClassic control panel EIO menus Table C-2HP Jetdirect EIO Menu on Classic Control PanelMenu Item Description CFG NetworkCFG IPX/SPX Menu ItemWEB Security IpsecFirewall Code VerificationEnww Open source licensing statements GSOAPExpat XML Parser CURL Copyright and Permission NoticeGNU General Public License GNU General Public LicenseGNU General Public License Enww No Warranty END of Terms and Conditions GNU Lesser General Public License GNU Lesser General Public LicenseEnww Enww Enww Enww Enww GNU Lesser General Public License OpenSSL license OpenSSLOriginal SSLeay license OpenSSL Appendix D Open source licensing statements Index See also Gateway NDS Novram Error Total Packets Rcvd Enww Page Hewlett-Packard Development Company, L.P

Related manuals

Manual 56 pages 58.74 Kb