Home » Brother International Manuals » Multifunction Devices » Brother International DCP-8155DN » Manual Viewer

Brother International DCP-8155DN Network User's Guide - English - Page 138

Server Certificate Verification, Wired 802.1x Authentication

View all Brother International DCP-8155DN manuals

Add to My Manuals
Save this manual to your list of manuals

Page 138 highlights

Security features If you enable a NetBIOS name, you can also use the node name. • For example: http://brnxxxxxxxxxxxx/ The NetBIOS name can be seen in the Network Configuration Report (See Printing the Network Configuration Report uu page 63). • For Macintosh users, you can have easy access to the Web Based Management System by clicking the machine icon on the Status Monitor screen. For more information: uu Software User's Guide. c No password is required by default. Enter a password if you have set one and press . d Click Network. e (Wired) Click Wired and then choose Wired 802.1x Authentication. (Wireless) Click Wireless and then choose Wireless (Enterprise). f Now you can configure the IEEE 802.1x authentication settings.  If you want to enable IEEE 802.1x authentication for wired network, check Enabled for Wired 802.1x status on the Wired 802.1x Authentication page.  For the details of IEEE 802.1x authentication and the inner authentication methods, see IEEE 802.1x 8 Authentication uu page 160.  If you are using EAP-TLS authentication, you must choose the Client Certificate that has been installed (shown with Certificate Name) for verification from the Client Certificate pull-down list.  If you choose EAP-FAST, PEAP, EAP-TTLS or EAP-TLS authentication, you can choose the verification method from the Server Certificate Verification pull-down list. You can verify the Server Certificate by using the CA certificate, imported to the machine in advance, that has been issued by the CA that signed the Server Certificate. You can choose one of the following verification methods from the Server Certificate Verification pull-down list.  No Verification The Server Certificate can always be trusted. The verification is not performed.  CA Cert. The verification method to check the CA reliability of the Server Certificate, using the CA certificate that has been issued by the CA that signed the Server Certificate.  CA Cert. + ServerID The verification method to check the Common Name 1 value of the Server Certificate, in addition to the CA reliability of the Server Certificate. 1 The Common Name verification compares the Common Name of the Server Certificate to the character string configured for the Server ID. Before you use this method, contact your system administrator about the Server Certificate's Common Name and then configure Server ID. 131

Section	Page
Network User’s Guide	1
Applicable models	2
Definitions of notes	2
IMPORTANT NOTE	2
Table of Contents	3
Section I: Network Operation	8
1 Introduction	9
Network features	9
Other Network features	10
LDAP (DCP-8250DN, MFC-8910DW and MFC-8950DW(T): standard, MFC-8510DN, MFC-8520DN and MFC-8710DW: available as a download)	10
Internet fax (MFC-8910DW and MFC-8950DW(T): standard, MFC-8510DN, MFC-8520DN and MFC-8710DW: available as a download)	10
Security	10
Fax to Server (MFC-8910DW and MFC-8950DW(T): standard, MFC-8510DN, MFC-8520DN and MFC-8710DW: available as a download)	11
Secure Function Lock 2.0	11
Store Print Log to Network	11
2 Changing your machine’s network settings	12
How to change your machine’s network settings (IP address, Subnet mask and Gateway)	12
Using the control panel	12
Using the BRAdmin Light utility	12
Installing BRAdmin Light for Windows®	12
Installing BRAdmin Light for Macintosh	12
Setting the IP address, Subnet Mask and Gateway using BRAdmin Light	13
Other Management Utilities	15
Web Based Management (web browser)	15
BRAdmin Professional 3 utility (Windows®)	15
BRPrint Auditor (Windows®)	16
3 Configuring your machine for a wireless network (For MFC-8710DW, MFC-8910DW and MFC-8950DW(T))	17
Overview	17
Confirm your network environment	18
Connected to a computer with a WLAN access point/router in the network (Infrastructure mode)	18
Configuration method	18
Connected to a wireless capable computer without a WLAN access point/router in the network (Ad-hoc mode)	19
Wireless configuration temporarily using a USB cable (Recommended)	20
Configuration using the machine’s control panel Setup Wizard	25
Manual configuration from the control panel	26
Configuring your machine when the SSID is not broadcast	29
Configuring your machine for an enterprise wireless network	34
One push configuration using WPS (Wi-Fi Protected Setup) or AOSS™	42
Configuration using the PIN Method of WPS (Wi-Fi Protected Setup)	45
Configuration in Ad-hoc mode (For IEEE 802.11b)	50
Using configured SSID	50
Using a New SSID	54
4 Control panel setup	57
Network menu	57
TCP/IP	57
Boot Method	57
IP Address	58
Subnet Mask	58
Gateway	58
Node Name	58
WINS Config	58
WINS Server	58
DNS Server	59
APIPA	59
IPv6	59
Ethernet (wired network only)	60
Status (For DCP-8110DN, DCP-8150DN, DCP-8155DN, DCP-8250DN, MFC-8510DN and MFC-8520DN)/Wired Status (For MFC-8710DW, MFC-8910DW and MFC-8950DW(T))	60
Setup Wizard (wireless network only)	60
WPS (Wi-Fi Protected Setup)/AOSS™ (wireless network only)	60
WPS (Wi-Fi Protected Setup) w/PIN Code (wireless network only)	60
WLAN Status (wireless network only)	60
Status	60
Signal	60
SSID	61
Comm. Mode	61
MAC Address	61
Set to Default (For MFC-8710DW, MFC-8910DW and MFC-8950DW(T))	61
Wired Enable (For MFC-8710DW, MFC-8910DW and MFC-8950DW(T))	61
WLAN Enable (For MFC-8710DW, MFC-8910DW and MFC-8950DW(T))	61
E-mail / IFAX (MFC-8910DW, MFC-8950DW(T) and DCP-8250DN (E-mail only): standard, MFC-8510DN, MFC-8520DN and MFC-8710DW: available as a download)	61
Mail Address	61
Setup Server	62
SMTP	62
POP3	62
Setup Mail RX (For MFC-8510DN, MFC-8520DN, MFC-8710DW, MFC-8910DW and MFC-8950DW(T))	63
Auto Polling	63
Poll Frequency	63
Header	63
Del Error Mail	63
Notification	63
Setup Mail TX	63
Sender Subject	63
Size Limit	63
Notification	64
Setup Relay (For MFC-8510DN, MFC-8520DN, MFC-8710DW, MFC-8910DW and MFC-8950DW(T))	64
Relay Broadcast	64
Relay Domain	64
Relay Report	64
Fax to Server (MFC-8910DW and MFC-8950DW(T): standard, MFC-8510DN, MFC-8520DN and MFC-8710DW: available as a download)	65
Setting Fax to Server to On	66
How to operate Fax to Server	68
How to set a new default for Scan to FTP	68
How to set a new default for Scan to Network (Windows®)	68
Reset the network settings to the factory default	69
Printing the Network Configuration Report	70
Printing the WLAN report (For MFC-8710DW, MFC-8910DW and MFC-8950DW(T))	71
Function table and default factory settings	72
DCP-8110DN, DCP-8150DN, DCP-8155DN, MFC-8510DN and MFC-8520DN	72
MFC-8710DW and MFC-8910DW	78
DCP-8250DN	88
MFC-8950DW(T)	91
5 Web Based Management	98
Overview	98
How to configure the machine settings using Web Based Management (web browser)	99
Setting a password	100
Gigabit Ethernet (wired network only) (For DCP-8250DN and MFC-8950DW(T))	100
How to configure the Gigabit Ethernet and Jumbo Frame settings using Web Based Management (web browser)	101
Secure Function Lock 2.0	102
How to configure the Secure Function Lock 2.0 settings using Web Based Management (web browser)	103
Basic configuration	103
Scanning when using Secure Function Lock 2.0	103
Setting up public mode	104
Restricting PC print by PC user login name	104
Other features	104
Synchronize with SNTP server	105
Store Print Log to Network	107
How to configure the Store Print Log to Network settings using Web Based Management (web browser)	107
Error Detection Setting	109
Understanding Error Messages	110
Using Store Print Log to Network with Secure Function Lock 2.0	111
Changing the Scan to FTP configuration using a web browser	111
Changing the Scan to Network configuration using a web browser (Windows®)	113
Changing the LDAP configuration using a web browser (DCP-8250DN, MFC-8910DW and MFC-8950DW(T): standard, MFC-8510DN, MFC-8520DN and MFC-8710DW: available as a download)	114
6 LDAP operation (DCP-8250DN, MFC-8910DW and MFC-8950DW(T): standard, MFC-8510DN, MFC-8520DN and MFC-8710DW: available as a download)	116
Overview	116
Changing the LDAP configuration using a Browser	116
LDAP operation using the control panel	116
7 Internet fax (MFC-8910DW and MFC-8950DW(T): standard, MFC-8510DN, MFC-8520DN and MFC-8710DW: available as a download)	119
Internet fax Overview	119
Important information on Internet fax	120
How to Internet fax	121
Sending an Internet fax	121
Before sending an Internet fax	121
How to send an Internet fax	121
Receiving E-mail or Internet fax	122
Before receiving an Internet fax	122
How to receive an Internet fax	123
Receiving an Internet fax to your computer	123
Additional Internet Fax options	124
Forwarding received E-mail and fax messages	124
Relay broadcasting	124
Before relaying broadcast	124
Relay broadcast from a machine	125
Sending to multiple phone numbers:	125
Relay broadcast from a computer	127
TX Verification Mail	128
Setup Mail TX	128
Setup Mail RX	128
Error mail	129
8 Security features	130
Overview	130
Managing your network machine securely using SSL/TLS	131
Secure Management using Web Based Management (web browser)	131
Secure Management using BRAdmin Professional 3 (Windows®)	133
To use the BRAdmin Professional 3 utility securely, you need to follow the points below	133
Printing documents securely using SSL/TLS	134
Sending or Receiving an E-mail securely	134
Configuration using Web Based Management (web browser)	134
Sending an E-mail with user authentication	135
Sending or Receiving an E-mail securely using SSL/TLS	136
Using IEEE 802.1x authentication	137
IEEE 802.1x authentication configuration using Web Based Management (web browser)	137
Using Certificates for device security	139
Configure certificate using Web Based Management	141
Creating and installing a certificate	142
Step by step chart for creating and installing a certificate	142
How to create and install a self-signed certificate	142
How to install the self-signed certificate on your computer	143
How to create a CSR	147
How to install the certificate to your machine	148
Import and export the certificate and private key	148
How to import the self-signed certificate, the certificate issued by a CA, and the private key	148
How to export the self-signed certificate, the certificate issued by a CA, and the private key	149
Managing multiple certificates	149
Import and export a CA certificate	150
How to import a CA certificate	150
How to export a CA certificate	150
9 Troubleshooting	151
Overview	151
Identifying your problem	151
Go to the page for your solution from the lists below	151
Section II: Network Glossary	158
10 Types of network connections and protocols	159
Types of network connections	159
Wired network connection example	159
Peer-to-Peer printing using TCP/IP	159
Network Shared printing	160
Protocols	161
TCP/IP protocols and functions	161
DHCP/BOOTP/RARP	161
APIPA	161
ARP	161
DNS client	162
NetBIOS name resolution	162
WINS	162
LPR/LPD	162
SMTP client	162
Custom Raw Port (Default is Port 9100)	162
IPP	162
mDNS	162
TELNET	163
SNMP	163
LLMNR	163
Web Services	163
HTTP	163
FTP (For the Scan to FTP feature)	163
SNTP	164
CIFS	164
LDAP (DCP-8250DN, MFC-8910DW and MFC-8950DW(T): standard, MFC-8510DN, MFC-8520DN and MFC-8710DW: available as a download)	164
IPv6	164
11 Configuring your machine for a network	165
IP addresses, subnet masks and gateways	165
IP address	165
How the IP address is assigned to your print server:	165
Subnet mask	166
Gateway (and router)	166
IEEE 802.1x Authentication	167
12 Wireless network terms and concepts (For MFC-8710DW, MFC-8910DW and MFC-8950DW(T))	169
Specifying your network	169
SSID (Service Set Identifier) and channels	169
Security terms	169
Authentication and encryption	169
Authentication and Encryption methods for a personal wireless network	170
Authentication methods	170
Encryption methods	170
Network key	171
Authentication and Encryption methods for an enterprise wireless network	171
Authentication methods	171
Encryption methods	172
User ID and password	172
13 Additional network settings from Windows®	173
Types of additional network settings	173
Installing drivers used for printing and scanning via Web Services (Windows Vista® and Windows® 7)	173
Uninstalling drivers used for printing and scanning via Web Services (Windows Vista® and Windows® 7)	174
Network printing and scanning installation for Infrastructure mode when using Vertical Pairing (Windows® 7)	175
14 Security terms and concepts	176
Security features	176
Security terms	176
Security protocols	177
SSL (Secure Socket Layer) / TLS (Transport Layer Security)	177
HTTPS	177
IPPS	177
SNMPv3	177
Security methods for E-mail Sending and Receiving	178
POP before SMTP (PbS)	178
SMTP-AUTH (SMTP Authentication)	178
APOP (Authenticated Post Office Protocol)	178
SMTP over SSL	178
POP over SSL	178
Section III: Appendixes	179
A Appendix A	180
Supported protocols and security features	180
B Appendix B	181
Using services	181
Other ways to set the IP address (for advanced users and administrators)	181
Using DHCP to configure the IP address	181
Using RARP to configure the IP address	182
Using BOOTP to configure the IP address	183
Using APIPA to configure the IP address	183
Using ARP to configure the IP address	184
Using the TELNET console to configure the IP address	185

Match case Limit results 1 per page

131

Security features

If you enable a NetBIOS name, you can also use the node name.

•

For example:

http://brnxxxxxxxxxxxx/

The NetBIOS name can be seen in the Network Configuration Report (See

Printing the Network

Configuration Report

page 63).

•

For Macintosh users, you can have easy access to the Web Based Management System by clicking the

machine icon on the

Status Monitor

screen. For more information:

Software User's Guide.

No password is required by default. Enter a password if you have set one and press

Click

Network

(Wired) Click

Wired

and then choose

Wired 802.1x Authentication

(Wireless) Click

Wireless

and then choose

Wireless (Enterprise)

Now you can configure the IEEE 802.1x authentication settings.



If you want to enable IEEE 802.1x authentication for wired network, check

Enabled

for

Wired 802.1x

status

on the

Wired 802.1x Authentication

page.



For the details of IEEE 802.1x authentication and the inner authentication methods, see

IEEE 802.1x

Authentication

page 160.



If you are using EAP-TLS authentication, you must choose the Client Certificate that has been

installed (shown with Certificate Name) for verification from the

Client Certificate

pull-down list.



If you choose EAP-FAST, PEAP, EAP-TTLS or EAP-TLS authentication, you can choose the

verification method from the

Server Certificate Verification

pull-down list. You can verify the Server

Certificate by using the CA certificate, imported to the machine in advance, that has been issued by

the CA that signed the Server Certificate.

You can choose one of the following verification methods from the

Server Certificate Verification

pull-down list.



No Verification

The Server Certificate can always be trusted. The verification is not performed.



CA Cert.

The verification method to check the CA reliability of the Server Certificate, using the CA certificate

that has been issued by the CA that signed the Server Certificate.



CA Cert. + ServerID

The verification method to check the Common Name

value of the Server Certificate, in addition to

the CA reliability of the Server Certificate.

The Common Name verification compares the Common Name of the Server Certificate to the character string configured for the

Server ID

Before you use this method, contact your system administrator about the Server Certificate’s Common Name and then configure

Server ID