Home » HP Manuals » Print Servers » HP 635n » Manual Viewer

HP 635n HP Jetdirect Print Server Administrator's Guide - Page 118

Security Features, IPv4 Access Control List, Telnet Control, Authentication and Encryption

UPC - 882780301016

Add to My Manuals
Save this manual to your list of manuals

Page 118 highlights

Table 6-1 Summary of HP Jetdirect Security Features (continued) ■ Used by Telnet (IPv4), HP Web Jetadmin (IPv4), and the embedded Web server to control access to HP Jetdirect configuration parameters. ■ Up to 16 alphanumeric characters may be used. ■ Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), embedded Web server services, or HP Web Jetadmin (IPv4). Up to 16 alphanumeric characters are allowed. ■ If configured through the embedded Web server, may be synchronized as the SNMP Set Community Name used in HP Web Jetadmin (IPv4) SNMP v1/v2c Set commands. ■ Cleared by cold reset of the print server to factory default settings. IPv4 Access Control List ■ Specifies up to 10 IPv4 host systems, or IPv4 networks of host systems, that are allowed access to the HP Jetdirect print server and the attached network device. ■ Access is generally limited to host systems specified in the list. ■ By factory default, host systems that use HTTP (for example, using the embedded Web server or IPP) are not checked against entries in the Access List and are allowed access. However, HTTP host access can be disabled through the embedded Web server. ■ If the list is empty, then all hosts are allowed access. ■ Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), embedded Web server, or SNMP (IPv4) management software. Telnet Control ■ Telnet (IPv4) access is not secure. Telnet may be disabled through the embedded Web server (see HP Jetdirect Embedded Web Server (V.31.xx)). Authentication and Encryption (Full-featured print servers) Certificate management for X.509 digital certificates is provided through the embedded Web server, for both client-based and server-based authentication. A self-signed Jetdirect certificate is pre-installed, and may be replaced. A Certificate Authority (CA) certificate may also be installed. IPv4 SNMP v1/v2c Set Community Name (IP/IPX) (IPv4 SNMP v1/v2c only) ■ A password on the HP Jetdirect print server that allows incoming SNMP Set commands (for example, from management software) to write (or set) HP Jetdirect configuration parameters. ■ For a user-assigned Set Community Name, SNMP Set commands must contain the user-assigned name, which is authenticated by the print server before the command is performed. ■ On IP networks, authentication of SNMP Set commands may be further restricted to systems identified on the access control list. ■ Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), embedded Web server, or Management application services. ■ SNMP v1/v2c uses plain text and can be disabled. IPv4 SNMP v3 108 Chapter 6 Security Features ENWW

Section	Page
Introducing the HP Jetdirect Print Server	11
Supported Print Servers	11
Supported Network Protocols	12
Security Protocols	13
SNMP (IPv4 and IPX)	13
HTTPS	13
Authentication	13
EAP/802.1X Server-Based Authentication	13
IPsec	14
Supplied Manuals	14
HP Support	14
HP Online Support	14
Firmware Upgrades	14
Firmware Installation Tools	15
HP Support By Phone	15
Product Registration	15
Product Accessibility	16
HP Software Solutions Summary	17
HP Install Network Printer Wizard (Windows)	19
Requirements	19
HP Jetdirect Printer Installer for UNIX	19
HP Web Jetadmin	20
System Requirements	20
Installing HP Web Jetadmin	20
Verifying Installation and Providing Access	20
Configuring and Modifying a Device	20
Removing HP Web Jetadmin Software	21
Internet Printer Connection Software	21
HP-Supplied Software	21
HP Software System Requirements	21
HP Software Supported Proxies	22
Microsoft Supplied Software	22
Windows 2000/XP/Server 2003 Integrated Software	22
Windows Me IPP Client	22
Novell Supplied Software	23
HP LaserJet Utilities for Mac OS	23
TCP/IP Configuration	27
IPv6 Configuration	27
IPv6 Address Introduction	27
IPv6 Address Configuration	28
Link-Local Address	28
Stateless Addresses	29
Stateful Addresses	29
Using DNS	29
Tools and Utilities	30
IPv4 Configuration	30
Server-Based and Manual TCP/IP Configuration (IPv4)	30
Default IP Address (IPv4)	31
Default IP Address Will Not Be Assigned	31
Default IP Address Will Be Assigned	31
Default IPv4 Address Configuration Options	32
Default IPv4 Behavior	33
TCP/IP Configuration Tools	33
Using BOOTP/TFTP (IPv4)	34
Why Use BOOTP/TFTP?	34
BOOTP/TFTP on UNIX	35
Using DHCP (IPv4)	46
UNIX Systems	47
Windows Systems	47
To Discontinue DHCP Configuration	50
Using RARP (IPv4)	51
Using the arp and ping Commands (IPv4)	51
Using Telnet (IPv4)	52
Creating a Telnet Connection	53
A Typical Telnet Session	53
User Interface Options	54
Using Telnet to Erase the Existing IP Settings	68
Moving to Another Network (IPv4)	68
Using the Embedded Web Server	68
Using the Printer Control Panel	68
HP Jetdirect Embedded Web Server (V.31.xx)	71
Requirements	73
Compatible Web Browsers	73
Browser Exceptions	73
Supported HP Web Jetadmin Version	73
Viewing the Embedded Web Server	73
Operating Notes	75
HP Jetdirect Home Tab	75
Device Tabs	76
Networking Tab	76
Sending Product Information to HP	77
TCP/IP Settings	78
Summary	78
Network Identification	79
TCP/IP(v4)	80
TCP/IP(v6)	81
Config Precedence	82
Advanced	83
Network Settings	85
IPX/SPX	85
AppleTalk	86
DLC/LLC	87
SNMP	87
Other Settings	88
Misc. Settings	88
Firmware Upgrade	90
LPD Queues	91
Support Info	93
Refresh Rate	93
Privacy Settings	93
Select Language	93
Security: Settings	93
Status	94
Wizard	94
Restore Defaults	94
Authorization	95
Admin. Account	95
Certificates	96
Configuring Certificates	97
Access Control	100
Mgmt. Protocols	100
Web Mgmt.	100
SNMP	101
SNMP v3	101
Other	102
802.1x Authentication	103
IPsec	104
Network Statistics	104
Protocol Info	104
Configuration Page	104
Other Links	105
Help	105
Support	105
HP Home	105
HP Web Jetadmin	105
IPsec Configuration	107
HP Jetdirect IPsec Wizard	109
Step 1-Specify an Address Template	110
Create Address Template	110
Step 2-Specify Service Template	110
Create Service Template	111
Select Custom Services	111
Add Custom Services	111
Step 3 - Specify IPsec Template	112
Create IPsec Template	112
IKEv1 Phase 1 (Authentication)	113
IPsec Protocols	114
Manual Keys	115
Summary	115
Configuring Windows Systems	115
Security Features	117
Using Security Features	120
Troubleshooting the HP Jetdirect Print Server	121
Resetting to Factory Defaults	122
Service Menu Example	122
General Troubleshooting	123
Troubleshooting Chart - Assessing the Problem	123
Procedure 1: Verifying that the Printer is On and Online	124
Procedure 2: Printing an HP Jetdirect Configuration Page	124
Procedure 3: Resolving Printer Display Error Messages	125
Procedure 4: Resolving Printer Communication Problems with the Network	126
HP Jetdirect Configuration Pages	129
HP Jetdirect Configuration Page	130
Status Field Error Messages	130
Configuration Page Format	130
Configuration Page Messages	131
HP Jetdirect Configuration/General Information	131
Security Settings	132
Network Statistics	134
TCP/IP Protocol Information	134
IPv4 Section	136
IPv6 Section	137
IPX/SPX Protocol Information	137
Novell NetWare Parameters	138
AppleTalk Protocol Information	139
DLC/LLC Protocol Information	140
Error Messages	140
Security Configuration Page	147
Security Settings	148
IPsec Error Log	150
Local IP Addresses	150
IPsec Stats	150
IKE Stats	150
IPsec Rules	151
IPsec SA Table	151
Available Network Services	151
LPD Printing	153
About LPD	154
Requirements for Configuring LPD	154
LPD Setup Overview	155
Step 1. Setting Up IP Parameters	155
Step 2. Setting Up Print Queues	155
Step 3. Printing a Test File	156
LPD on UNIX Systems	156
Configuring Print Queues for BSD-based Systems	156
Configuring Print Queues Using SAM (HP-UX systems)	157
Printing a Test File	158
LPD on Windows 2000/Server 2003 Systems	159
Installing TCP/IP Software	159
Configuring a Network Printer for Windows 2000/Server 2003 Systems	160
Verifying the Configuration	161
Printing from Windows Clients	161
LPD on Windows XP Systems	162
Adding Windows Optional Networking Components	162
Configuring a Network LPD Printer	162
Adding a New LPD Printer	162
Creating an LPR Port for an Installed Printer	163
LPD on Mac OS Systems	164
Assigning an IP Address	164
Setting Up Mac OS	164
FTP Printing	167
Requirements	167
Print Files	167
Using FTP Printing	167
FTP Connections	167
Control Connection	168
Data Connection	168
FTP Login	168
Ending the FTP Session	169
Commands	169
Example of an FTP Session	171
The HP Jetdirect EIO Control Panel Menu	173
Classic Control Panel	174
Graphical Control Panel	177
Open Source Licensing Statements	183
gSOAP	183
OpenSSL	184
OpenSSL License	184
Original SSLeay License	184

Match case Limit results 1 per page

■

Used by Telnet (IPv4), HP Web Jetadmin (IPv4), and the embedded Web server to control access to HP Jetdirect

configuration parameters.

■

Up to 16 alphanumeric characters may be used.

■

Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), embedded Web server services, or HP

Web Jetadmin (IPv4). Up to 16 alphanumeric characters are allowed.

■

If configured through the embedded Web server, may be synchronized as the SNMP Set Community Name used in HP

Web Jetadmin (IPv4) SNMP v1/v2c Set commands.

■

Cleared by cold reset of the print server to factory default settings.

IPv4 Access Control List

■

Specifies up to 10 IPv4 host systems, or IPv4 networks of host systems, that are allowed access to the HP Jetdirect

print server and the attached network device.

■

Access is generally limited to host systems specified in the list.

■

By factory default, host systems that use HTTP (for example, using the embedded Web server or IPP) are not checked

against entries in the Access List and are allowed access. However, HTTP host access can be disabled through the

embedded Web server.

■

If the list is empty, then all hosts are allowed access.

■

Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), embedded Web server, or SNMP (IPv4)

management software.

Telnet Control

■

Telnet (IPv4) access is not secure. Telnet may be disabled through the embedded Web server (see

Jetdirect

Embedded

Web

Server

(V.31.xx)

Authentication and Encryption

(Full-featured print servers) Certificate management for X.509 digital certificates is provided through the embedded Web

server, for both client-based and server-based authentication. A self-signed Jetdirect certificate is pre-installed, and may be

replaced. A Certificate Authority (CA) certificate may also be installed.

IPv4 SNMP v1/v2c Set Community Name (IP/IPX)

(IPv4 SNMP v1/v2c only)

■

A password on the HP Jetdirect print server that allows incoming SNMP Set commands (for example, from

management software) to write (or

set

) HP Jetdirect configuration parameters.

■

For a user-assigned Set Community Name, SNMP Set commands must contain the user-assigned name, which is

authenticated by the print server before the command is performed.

■

On IP networks, authentication of SNMP Set commands may be further restricted to systems identified on the access

control list.

■

Configured on the HP Jetdirect print server using TFTP (IPv4), Telnet (IPv4), embedded Web server, or Management

application services.

■

SNMP v1/v2c uses plain text and can be disabled.

IPv4 SNMP v3

Table 6-1

Summary of HP Jetdirect Security Features (continued)

108

Chapter 6

Security Features

ENWW