Manuals / HP / Computer Equipment / All in One Printer

HP ew2500 802.11b/g Print Server manual IKEv1/IKEv2 Phase 1 Authentication

Models: ew2500 802.11b/g Print Server

1 206

Download 206 pages 49.02 Kb

Page 127

Table 5-10Kerberos Settings page (continued)

Item	Description

Key Version Number	Version number for the encryption keys associated with the principal and password.

Clock Skew	Clock skew is a measure of allowed differences between clocks during transactions. A
	Kerberos installation uses clocks that are reasonably synchronized. When the
	HP Jetdirect print server checks time stamps of incoming packets from clients, the clock
	skew specifies the time interval (in seconds) within which the HP Jetdirect print server
	accepts a packet. If the time interval is exceeded, the packet is discarded.
	NOTE: Timing differences between the HP Jetdirect print server and a domain
	controller depends on the clock skew configuration on the domain controller.

Time Sync Period	Time interval (in minutes) that the HP Jetdirect print server requests to synchronize its
	clock with an SNTP time server.

SNTP Server	FQDN or IP address of an SNTP time server, if required. By default, the SNTP server is
	the server used as the KDC.

IKEv1/IKEv2 Phase 1 (Authentication)

Use IKE to create security associations dynamically. Configure SA parameters for authentication and to securely generate IPsec session keys for encryption and authentication algorithms. Items on this page are described in the following table.

Table 5-11IKEv1/IKEv2 Phase 1 (Authentication) page

Item	Description

Negotiation Mode	(Required) IKE provides two modes of negotiation during an exchange for keys and
	security services to be used for a Security Association:
	Main Uses identity protection between the hosts. This method is slower but secure.
	Aggressive Uses half the message exchanges. It is faster, but less secure.

Cryptographic Parameters	(Required) Diffie-Hellman Groups Allows a secret key and security services to be
	securely exchanged between two hosts over an unprotected network. A Diffie-Hellman
	group determines the parameters to use during a Diffie-Hellman exchange. Multiple
	well-known Diffie-Hellman groups are listed.
	IKEv1 supports up to DH-18.
	IKEv2 supports up to DH-24.
	To change the entries in the list, click Edit. Selecting all the groups results in a single
	negotiated group.

Encryption and Authentication	(Required) Encryption methods and strengths, and the authentication methods to use.
	Selecting all the methods results in a single negotiated method.

Security Association	(Required) Specify the SA Lifetime, in seconds (30 to 86400), that the keys
	associated with this security association are valid.

IKEv1/IKEv2 Phase 2 / Quick Mode (IPsec Protocols)

Items on this page are described in the following table.

HP Jetdirect IPsec/Firewall wizard 117

Image 127

HP ew2500 802.11b/g Print Server IKEv1/IKEv2 Phase 1 Authentication, IKEv1/IKEv2 Phase 2 / Quick Mode IPsec Protocols

Contents

HP Jetdirect Print Servers Page HP Jetdirect Print Servers Trademark Credits Copyright Hewlett-Packard Development Company, L.PTable of contents HP Embedded Web Server DLC/LLC Snmp IPsec/Firewall configuration 105HP Jetdirect configuration pages 135 Security features 121Troubleshoot the HP Jetdirect print server 125 Appendix B FTP printing 173 Appendix a LPD printing 163Appendix D Open source licensing statements 188 Appendix C HP Jetdirect control panel menus 177Index 191 Supported print servers Introducing the HP Jetdirect print server2Supported network protocols Supported network protocolsSnmp IP and IPX AuthenticationEAP/802.1X port-based authentication Security protocolsIPsec/Firewall Wireless print server authenticationHP support Firmware upgradesFirmware installation tools Supplied manualsProduct registration Product accessibilityHP support by phone Operating Environment Function Remarks HP software solutions summary1Software Solutions HP Web Jetadmin see HP Web Jetadmin onOperating Environment Function HP Web Jetadmin HP Jetdirect Printer Installer for UnixSystem requirements Install HP Web Jetadmin software Internet Printer Connection software Configure and modify a deviceRemove HP Web Jetadmin software Verify HP Web Jetadmin installation and provide accessWindows XP/Server 2003 or 2008 integrated software Mac OS network installationNovell-supplied software Software toolsOpen System Preferences, and then open Print & Fax Use Bonjour Mac OS XTest the configuration Verify network configurationIPv6 configuration TCP/IP configurationIPv6 address introduction Link-local address IPv6 address configurationStateless addresses Use DNS Stateful addressesServer-based and manual TCP/IP configuration IPv4 IPv4 configurationTools and utilities Default IP address is not assigned Default IP address IPv4Default IP address is assigned Dhcp requests enable/disable Default IP on wireless and wired print serversDefault IPv4 address configuration options Default IPv4 parameterTCP/IP configuration tools Default IPv4 behaviorAdvantages of using BOOTP/TFTP Use BOOTP/TFTP IPv4Configure the print server using BOOTP/TFTP on Unix Configure the Bootp server Systems using network information service NISBootptab file entries IPv4 RFC Description Option 1Tags supported in a BOOTP/DHCP boot fileTftp configuration file entries IPv4 Example HP Jetdirect Tftp configuration file 2TFTP configuration file parametersGeneral TCP/IP Main TCP/IP Print Options Lpd-printing or lpd-config,lpd Printing or 9100-configFtp-printing or ftp-config,ftp Ipp-printing or ipp-config,ippTCP/IP Other Settings TCP/IP Access ControlTCP/IP Raw Print Ports Slp-keep-alive Slp-configBonjour-config Syslog-facilityIcmp-ts-config Idle-timeoutUser-timeout or telnet-timeout Cold-resetSnmp-config Telnet-config or telnetDefault-ip Default-ip-dhcpSet-cmnty-name or set-community-name Auth-trap or authentication-trapIpx-config or ipx/spx Get-cmnty-name or get-community-nameAppleTalk Other SettingsUsb-speed UpgradeUpgrade Tftp server IP Version Product Number Filename Usb-modeUnix systems Use Dhcp IPv4Support Windows Server 2003 and Server Windows systemsDiscontinue Dhcp configuration Laserjet1 Use Rarp IPv4Arp -s IP address LAN hardware address Ping IP address Use the arp and ping commands IPv4Create a Telnet connection Use Telnet IPv4Route add Jetdirect IP Address system IP Address Typical Telnet sessionTelnet user interface options Telnet command line interface default3Telnet Commands and Parameters CommandDescription User Control CommandsWireless 802.11 Main Svr-auth-pass Auth-typeServer-auth Svr-auth-userWireless Diagnostics Specified Ipsec-config Firewall-config00a0f8387af7 Host-nameDomain-name support.hp.com Tftp ServerTftp Filename Hpnp/printer1.cfgLpd-printing PrintingFtp-printing Ipp-printingTCP/IP Other TCP/IP LPD QueuesSyslog-svr To 1440 EnableFtp-download Bonjour Domain NameFor more information, see HP Embedded Web Server V.40.xx on User-timeoutEws-config Gw-disableTCP/IP Diagnostics Snmp Traps Ipx-mode Ipx-configIpx-unitname AddressOther 1000t-ms-conf Upgrade LaaXml-services-conf Ws-discovery-confNetwork-select Menu Interface Job-timeoutWeb JetAdmin URL Web JetAdmin NameUse Telnet to remove an IP address 1Example Using the Menu InterfaceUse the printer control panel Use the HP Embedded Web ServerMove to another network IPv4 Page HP Embedded Web Server Compatible Web browsers Supported HP Web Jetadmin versionRequirements View the HP Embedded Web ServerPage Operating notes HP Jetdirect Home tab1HP Jetdirect Home Page Items Device tabs Networking tab2Networking Menu Items WirelessConfiguration section Diagnostics section3Wireless configuration parameters WEP Personal WEP Enterprise WPA Personal Restore DefaultsWPA Enterprise Summary tab TCP/IP Settings4TCP/IP Summary tab 5TCP/IP Network Identification tab Network Identification tab6TCP/IPv4 tab TCP/IPv4 tab7TCP/IPv6 tab TCP/IPv6 tab8TCP/IP Config Precedence tab Config Precedence tab9TCP/IP Advanced tab Advanced tabDefault IP Manual SettingsProxy Server Password DisableNetwork Settings 10IPX/SPX tab settings AppleTalk 11AppleTalk tab settings12SNMP tab settings Misc. Settings Other Settings13Miscellaneous Settings Link settings HP XML ServicesCertificate Mgmt Service Web Services PrintLPD Queues Firmware UpgradeAppend String Name 14LPD Queues tab settingsQueue Name Prepend String NameValue Default Queue NameQueue Type String NameRefresh Rate USB Settings15USB Settings tab Support InfoWizard Security SettingsSelect Language StatusSecurity Level Description Basic Security 16Wizard Security LevelsCustom Security Restore DefaultsSecurity Level Description Enhanced Security RecommendedCertificates AuthorizationAdmin. Account Printer Password Synchronization17Certificate configuration screens Configure certificatesImport Certificate and Private Key Install CertificateCertificate Validity Period Certificate InformationExamples Install Certificate or Install CA Certificate screensDomain Name myprinter.mydepartment.mycompany.com IP Address Mask Description Access ControlWeb Mgmt Mgmt. ProtocolsSnmp 18Other protocols Enable Print ProtocolsEnable Print Services OtherNaming Resolution 802.1X AuthenticationEnable Device Discovery SLP, might be disabled without notification19802.1X configuration settings Assessment Other Links IPsec/Firewall configuration 1Firewall Policy 1IPsec/Firewall Policy HP Jetdirect IPsec/Firewall wizard Default Rule exampleAll IPv4 Addresses All Jetdirect Print Services IPsec security associations SA2Limitations to rules, templates and services Limitations to rules, templates and servicesLimit Create Address Template Specify Address Template3Create Address Template Specify Service TemplateCreate Service Template 4Create Service Template6Manage Custom Services Manage ServicesManage Custom Services 5Manage ServicesSpecify IPsec/Firewall Template Specify ActionCreate IPsec Template Identity Authentication7Create IPsec Template Certificates on 8Identity AuthenticationKerberos Certificates10Kerberos Settings Kerberos Settings9Kerberos IKEv1/IKEv2 Phase 2 / Quick Mode IPsec Protocols IKEv1/IKEv2 Phase 1 Authentication11IKEv1/IKEv2 Phase 1 Authentication 12IKEv1/IKEv2 Phase 2 / Quick Mode Settings IPsec Protocols Advanced IKE Settings13Advanced IKE Settings 15Manual Keys IPsec Protocols Manual KeysManual Keys 14IPsec Protocols Manual KeysRule Summary Configure Windows systems1Summary of HP Jetdirect security features Security featuresIPv4/IPv6 Snmp v1/v2c Set Community Name IP/IPX Authentication and EncryptionHP Web Jetadmin IPv4 Password and Profiles Telnet Control2Settings for Access Control Limit access to security featuresMedium Settings Level of Access ControlHigh Troubleshoot the HP Jetdirect print server Reset to factory defaultsExample Cold reset using the service menu Disable an HP Jetdirect embedded print serverTroubleshooting chart assess the problem General troubleshootingProcedure 2 Print an HP Jetdirect configuration Procedure 1 Verify the printer is on and onlineProcedure 3 Resolve printer display error messages Procedure 4 Resolve printer network communication problems Telnet IP address port Unable to communicate during initial setup Troubleshooting wireless print serversUnable to communicate after initial setup My configured channel does not match the configuration Corrective actions SymptomsImproving reception and performance Firmware download failureHP Jetdirect configuration HP Jetdirect configuration pagesStatus field error messages Section Name Configuration page format1Configuration Page Sections HP Jetdirect Configuration or General InformationMessageDescription Configuration page messagesHP Jetdirect Configuration/General Information 2HP Jetdirect Configuration/General InformationMessage Description USB printer information4802.11 Wireless settings Wireless settingsUSB Speed Network Name Ssid Status/Error MessagesSSL Issuer Signal StrengthAccess Point / Bssid Authentication TypeSecurity Settings Snmp Set Cmty Name Access ListSecure Web Configuration Snmp VersionsNetwork Statistics TCP/IP configuration informationTCP/IP protocol information IPv4 Section IPv4 sectionRarp Server BOOTP/DHCP Server Default GatewayConfig by Bootp ServerIPv6 section IPX/SPX protocol informationIPv6 Section Novell/NetWare parameters 10 IPX/SPX configuration informationCN=ljpserver.OU=support.OU=mycity.OU=mycompany 11 Novell/NetWare configuration information12 AppleTalk configuration information AppleTalk protocol informationDLC/LLC protocol information Error messages13 DLC/LLC configuration information 14Error messagesError Code and Message Description Not Configured Network Reconfig MustReboot Disconnected Configuration ErrorTimeout Unable to LoginUnable to SET Password Disconnecting SPXDirected to the print server 3C NDS ERR Unresolved Queue Novram Error4D CF ERR Access List 4F Tftp Remote ErrorBOOTP/RARP in Progress Tftp Local ErrorBAD BOOTP/DHCP Reply BAD Bootp TAG SizeHP Jetdirect Security 15General Information 2HP Jetdirect SecurityCurrent IPsec status Local IP addresses IPsec Error LogIPsec Statistics 18IKE Statistics IKE StatsIPsec Rules 17IPsec statisticsSRC Available Network ServicesIPsec Security Associations SA table 19IPsec Security AssociationsProgram Name Purpose of Program LPD printingAbout LPD Table A-1LPD programs and protocolsSet up print queues Requirements for configuring LPDLPD setup overview Set up IP parametersTable A-2Supported queue types Configure print queues for BSD-based systemsPrint a test file LPD on Unix systemsUse SAM to configure print queues HP-UX systems Examples myprinter or printer1 Print a test fileLPD on Windows Server 2003/2008 systems Install TCP/IP softwareAdd LPR compatible printer window Add Windows optional networking components Verify the configurationLPD on Windows XP systems Print from Windows clientsCreate an LPR port for an installed printer Configure a network LPD printerAdd a new LPD printer Page FTP connections FTP printingPrint files Use FTP printingData connection FTP loginEnd the FTP session CommandsTable B-1User commands for HP Jetdirect FTP server Command DescriptionPORT1 Example FTP SessionGraphical control panel menus HP Jetdirect control panel menusHP Jetdirect EIO Menu on Graphical Control Panel Table C-1HP Jetdirect EIO Menu on Graphical Control Panel Address IPv6 Settings EnablePrimary DNS Secondary DNSFrame Type AppleTalk EnableProxy Server Proxy PortIPsec or Firewall Reset SecurityEnable Wipe Login Security Keep Reset Assessment DisableSnmp Test Diagnostics Embedded TestsLAN HW Test Http TestDest Type TimeoutExecute Ping TestLink Speed RTT AveragePing in Progress RefreshHP Jetdirect EIO Menu on Classic Control Panel Classic control panel EIO menusMenu Item Description WEB Table C-2HP Jetdirect EIO Menu on Classic Control PanelMenu Item CFG IPX/SPXPrint IpsecFirewall Code VerificationOpenSSL license Open source licensing statementsGSOAP OpenSSLOriginal SSLeay license Page Type IndexSee also Gateway Babble Port Select WEP Hewlett-Packard Development Company, L.P