HP 640n Print Server manual Security protocols, Snmp IP and IPX, Authentication

Page 13

If HP network setup and management software for supported systems is not supplied, obtain it from HP support at:

www.hp.com/support/net_printing

For software to set up network printing on other systems, contact your system vendor.

Security protocols

SNMP (IP and IPX)

Simple network management protocol (SNMP) is used by network management applications for device management. HP Jetdirect print servers support access to SNMP and standard management information base (MIB-II) objects on IPv4, IPv6 and IPX networks.

Full-featured HP Jetdirect print servers support an SNMP v1/v2c agent, and an SNMP v3 agent for enhanced security.

Value-featured print servers support an SNMP v1/v2c agent only.

HTTPS

Both full-featured and value-featured HP Jetdirect print servers support secure hypertext transfer protocol (HTTPS) for secure, encrypted management communications between the HP Embedded Web Server and your Web browser.

Authentication

EAP/802.1X port-based authentication

As a network client, HP Jetdirect full-featured print servers support network use with the extensible authentication protocol (EAP) on an IEEE 802.1X network. The IEEE 802.1X standard provides a port-based authentication protocol where a network port allows or blocks use, depending on client authentication results.

When using an 802.1X connection, the print server supports EAP with an authentication server, such as a remote authentication dial-in user service (RADIUS, RFC 2138) server.

Full-featured HP Jetdirect print servers support the following EAP/802.1X methods:

PEAP (protected EAP) is a mutual authentication protocol that uses digital certificates for network server authentication and passwords for client authentication. For additional security, the authentication exchanges are encapsulated within transport layer security (TLS). Dynamic encryption keys are used for secure communications.

EAP-TLS(RFC 2716) is a mutual authentication protocol based on X.509v3–compliant digital certificates for authentication of both the client and the network authentication server. Dynamic encryption keys are used for secure communications.

The network infrastructure device that connects the print server to the network (such as a network switch) must also support the EAP/802.1X method used. In cooperation with the authentication server, the infrastructure device can control the degree of network access and services available to the print server client.

ENWW

Security protocols 3

Image 13
Contents HP Jetdirect Print Servers Page HP Jetdirect Print Servers Trademark Credits Table of contents Mac OS network installation IPX/SPX 121 105125 165 139179 175193 211Supported print servers Introducing the HP Jetdirect print server2Supported network protocols Supported network protocolsEAP/802.1X port-based authentication AuthenticationSecurity protocols Snmp IP and IPXSupplied manuals Wireless print server authenticationIPsec/Firewall Firmware installation tools Firmware upgradesHP support HP online supportProduct registration Product accessibilityHP Web Jetadmin see HP Web Jetadmin on 1Software SolutionsOperating Environment Function Remarks HP software solutions summary HP Web Jetadmin HP Jetdirect Printer Installer for UnixSystem requirements Configure and modify a device Install HP Web Jetadmin softwareRemove HP Web Jetadmin software Verify HP Web Jetadmin installation and provide accessHttp// IPaddress /ipp/port# Microsoft-supplied softwareNovell-supplied software Mac OS network installationSoftware tools Use Bonjour Mac OS XTest the configuration Verify network configurationEnww IPv6 address introduction IPv6 configurationLink-local address IPv6 address configurationStateful addresses Stateless addressesUse DNS Server-based and manual TCP/IP configuration IPv4 IPv4 configurationTools and utilities Default IP address is not assigned Default IP address IPv4Default IP address is assigned Default IPv4 address configuration options Default IP on wireless and wired print serversDefault IPv4 parameter Dhcp requests enable/disableTCP/IP configuration tools Default IPv4 behaviorAdvantages of using BOOTP/TFTP Use BOOTP/TFTP IPv4Configure the print server using BOOTP/TFTP on Unix Configure the Bootp server Systems using network information service NISBootptab file entries IPv4 RFC Description 1Tags supported in a BOOTP/DHCP boot fileTftp configuration file entries IPv4 Example HP Jetdirect Tftp configuration file 2TFTP configuration file parametersGeneral TCP/IP Main TCP/IP Print Options Ipp-printing or ipp-config,ipp Ftp-printing or ftp-config,ftpLpd-printing or lpd-config,lpd DefaultqTCP/IP Other Settings TCP/IP Access ControlTCP/IP Raw Print Ports Slp-keep-alive Bonjour-configSlp-client-mode Syslog-protocolUser-timeout or telnet-timeout Idle-timeoutCold-reset Icmp-ts-configDefault-ip-dhcp Default-ipSnmp-config Auth-trap or authentication-trapTrap-dest or trap-destination Ipx-config or ipx/spxTrap-dest ip-address community name port number Ipx-unit-nameAppleTalk Other SettingsUnix systems Use Dhcp IPv4Support Use Rarp IPv4 Discontinue Dhcp configurationMicrosoft Windows systems Laserjet1 Use the arp and ping commands IPv4Arp -s IP address LAN hardware address Ping IP address Use Telnet IPv4Typical Telnet session Create a Telnet connectionTelnet user interface options Telnet command line interface defaultCommand Description User Control Commands 3Telnet Commands and ParametersWireless 802.11 Main Ampdu Aggregation Passphrase commandNetwork-type Desired-ssidPsk-passphrase Dot11-switch-timeEncryption Wep-key-methodRoam-threshold Wireless Diagnostics00a0f8387af7 Host-nameTftp Server Ipsec-config Firewall-configTftp Filename Hpnp/printer1.cfgPrinter1.support.hp.com Domain-name support.hp.comPri-dns-svr Pri-wins-svrTCP/IP LPD Queues TCP/IP Other AllowSyslog-svr Bonjour Domain Name To 1440 EnableFtp-download User-timeoutGw-disable Ews-configTcp-mss TCP/IP Diagnostics Snmp Traps Ipx-mode PhasePjl-banner Ipx-bannerOther 1000t-pause-conf 1000t-ms-confNetwork-select Web JetAdmin Name Web JetAdmin URLMenu Interface Support-contactUse Telnet to remove an IP address 1Example Using the Menu InterfaceUse the printer control panel Use the HP Embedded Web ServerMove to another network IPv4 Enww HP Embedded Web Server V .xx.nn.xx Requirements Supported HP Web Jetadmin versionView the HP Embedded Web Server Compatible Web browsersView the HP Embedded Web Server Operating notes HP Jetdirect Home tab1HP Jetdirect Home Page Items Device tabs Networking tabConfiguration section Wireless StationDiagnostics section 2Networking Menu Items3Wireless Station configuration parameters Refresh Network Name SsidAd Hoc Network peer-to-peer ChannelWEP Enterprise WPA-Personal WPA WiFi Protected AccessHpSecureNetwork WPA-Enterprise Restore DefaultsSummary tab TCP/IP Settings4TCP/IP Summary tab 5TCP/IP Network Identification tab Network Identification tab6TCP/IPv4 tab TCP/IPv4 tab7TCP/IPv6 tab TCP/IPv6 tab8TCP/IP Config Precedence tab Config Precedence tab9TCP/IP Advanced tab Advanced tabDisable Proxy Server PasswordDefault IP Manually Configured10IPX/SPX tab settings Network SettingsAppleTalk AppleTalk Enable 11AppleTalk tab settingsAppleTalk Name Type12SNMP tab settings Misc. Settings Other Settings13Miscellaneous Settings Web Services Print Certificate Mgmt ServiceLink settings Locally Administered AddressService Firmware UpgradeLPD Queues Bonjour Highest PriorityQueue Name 14LPD Queues tab settingsPrepend String Name Append String NameQueue Type Default Queue NameRaw or text String NameSelect Language Security SettingsSecurity Level Description Basic Security 15Wizard Security LevelsSecurity Level Description Enhanced Security Restore DefaultsRecommended Custom SecurityAdmin. Account AuthorizationPrinter Password Synchronization Certificates16Certificate configuration screens Configure certificatesCertificate Validity Period Install CertificateEncryption Key Length Certificate InformationExamples Install Certificate or Install CA Certificate screensDomain Name myprinter.mydepartment.mycompany.com Examples Access ControlWeb Mgmt Mgmt. ProtocolsSnmp Enable Print Services Enable Print ProtocolsOther 17Other protocolsEnable Device Discovery 802.1X AuthenticationMight be disabled without notification Naming Resolution18802.1X configuration settings Device Announcement Agent Other Links Enww IPsec/Firewall configuration V .xx.nn.xx 1Firewall Policy 1IPsec/Firewall Policy All IPv4 Addresses All Jetdirect Print Services Default Rule exampleIPsec security associations SA HP Jetdirect IPsec/Firewall wizard2Limitations to rules, templates and services Limitations to rules, templates and servicesLimit Create Address Template Specify Address TemplateCreate Service Template Specify Service Template4Create Service Template 3Create Address TemplateManage Custom Services Manage Services5Manage Services 6Manage Custom ServicesSpecify IPsec/Firewall Template Specify ActionCreate IPsec Template Identity Authentication7Create IPsec Template Kerberos 8Identity AuthenticationCertificates Certificates on10Kerberos Settings Kerberos Settings9Kerberos IKEv1/IKEv2 Phase 2 / Quick Mode IPsec Protocols IKEv1/IKEv2 Phase 1 Authentication11IKEv1/IKEv2 Phase 1 Authentication 12IKEv1/IKEv2 Phase 2 / Quick Mode Settings IPsec Protocols Advanced IKE Settings13Advanced IKE Settings IPsec Protocols Manual Keys14IPsec Protocols Manual Keys Manual Keys15Manual Keys Value for an SA to use for packets received by the deviceAuthentication Configure Microsoft Windows systemsRule Summary Key FormatIP Administrator Password 1Summary of HP Jetdirect security featuresSecure Embedded Web Server Management IPsec/FirewallAuthentication and Encryption IPv4 Access Control ListTelnet Control IPv4/IPv6 Snmp v1/v2c Set Community Name IP/IPXConfiguration Precedence Table HP Web Jetadmin IPv4 Password and ProfilesPrinter Control Panel Lock 2Settings for Access Control Limit access to security featuresMedium HighTroubleshoot the HP Jetdirect print server Example Cold reset using the service menu Reset to factory defaultsReset to factory defaults Disable an HP Jetdirect embedded print server V .xx.nn.xx Troubleshooting chart assess the problem General troubleshootingProcedure 2 Print an HP Jetdirect configuration Procedure 1 Verify the printer is on and onlineProcedure 3 Resolve printer display error messages Procedure 4 Resolve printer network communication problems Telnet IP address port Enww Unable to communicate during initial setup Troubleshooting wireless print serversUnable to communicate after initial setup My configured channel does not match the configuration Improving reception and performance SymptomsFirmware download failure Corrective actionsEnww HP Jetdirect configuration pages Status field error messages HP Jetdirect configurationConfiguration page format 1Configuration Page SectionsHP Jetdirect Configuration/General Information Configuration page messages2HP Jetdirect Configuration/General Information MessageDescriptionMessage Description Wireless station settings3802.11 Wireless station settings Security Settings IPsec Admin PasswordFirewall Cert ExpiresTotal Packets Received Network StatisticsUnicast Packets Received BAD Packets ReceivedTCP/IP protocol information TCP/IP configuration informationIPv4 section Config by Default GatewayIP Address Subnet MaskIPv4 Section IPv6 sectionIPX/SPX protocol information IPX/SPX configuration informationIPv6 Section AppleTalk protocol information Novell/NetWare parametersCN=ljpserver.OU=support.OU=mycity.OU=mycompany 11 AppleTalk configuration information Error messages12 DLC/LLC configuration information DLC/LLC protocol informationError Code and Message Description 13Error messagesLAN Error no Linkbeat LAN Error Retry FaultsNetwork Reconfig Must Reboot DisconnectedUnable to SET Password Unable to LoginDisconnecting SPX Timeout2C NDS Authentication 2B NDS ERR Unable to LoginError Error NDS PS Printer List Error4D CF ERR Access List Novram Error4F Tftp Remote Error Tftp Local ErrorBAD Bootp TAG Size BAD BOOTP/DHCP ReplyBOOTP/RARP in Progress BOOTP/DHCP in ProgressAdjusted Dhcp Lease TimersHP Jetdirect Security Trying to Connect to14General Information 2HP Jetdirect SecurityCurrent IPsec status Local IP addresses IPsec Error LogIPsec Statistics IPsec Rules IKE Stats16IPsec statistics 17IKE StatisticsIPsec Security Associations SA table Available Network Services18IPsec Security Associations SRCLPD printing About LPD Requirements for configuring LPDTable A-1LPD programs and protocols Purpose of ProgramSet up IP parameters LPD setup overviewSet up print queues Print a test fileLPD on Unix systems Configure print queues for BSD-based systemsExample jetdirect1 Use SAM to configure print queues HP-UX systemsPrint a test file LPD on Microsoft Windows Server 2003/2008 systemsInstall TCP/IP software Add LPR compatible printer window Verify the configurationLPD on Microsoft Windows XP systems Configure a network LPD printerPrint from Microsoft Windows clients Add Microsoft Windows optional networking componentsClick Start, Printers and Faxes Create an LPR port for an installed printerUse FTP printing Print filesFTP connections Control connectionData connection FTP loginTable B-1User commands for HP Jetdirect FTP server CommandsCommand Description End the FTP sessionPORT1 Example FTP SessionHP Jetdirect control panel menus V .xx.nn.xx Table C-1HP Jetdirect EIO Menu on Graphical Control Panel Graphical control panel menusMenu item Sub-menu item Values and Description SsidReset Configure Keys Transmit KeyEnable IPv4 Settings Config MethodDefault IP Manual SettingsIPv6 Settings Enable Dhcp RenewProxy Server DHCPv6 PolicyProxy Port Frame TypeReset Security AppleTalk EnableSecurity Print Sec IPsec or FirewallCode Verification Enable WipeLAN HW Test Http TestSnmp Test TimeoutData Path Test Select All TestsPackets Sent Ping ResultsPackets Received Percent LostPrint Protocols Link SpeedTable C-2HP Jetdirect EIO Menu on Classic Control Panel Classic control panel EIO menusMenu Item Description CFG NetworkCFG IPX/SPX Menu ItemWEB Ipsec SecurityFirewall Code VerificationEnww GSOAP Open source licensing statementsExpat XML Parser Copyright and Permission Notice CURLGNU General Public License GNU General Public LicenseGNU General Public License Enww No Warranty END of Terms and Conditions GNU Lesser General Public License GNU Lesser General Public LicenseEnww Enww Enww Enww Enww GNU Lesser General Public License OpenSSL license OpenSSLOriginal SSLeay license OpenSSL Appendix D Open source licensing statements Index See also Gateway NDS Novram Error Total Packets Rcvd Enww Page  Hewlett-Packard Development Company, L.P
Related manuals
Manual 56 pages 58.74 Kb