HP 635n HP Jetdirect Print Servers - How to Use 802.1X on HP Jetdirect Print S - Page 76

EAP Unknown User Name

Get HP 635n - JetDirect IPv6/IPsec Print Server PDF manuals and user guides
UPC - 882780301016
View all HP 635n manuals
Add to My Manuals
Save this manual to your list of manuals

Page 76 highlights

Some important packets to look at: • Packet 1 - start of the EAP process, requested by the Authenticator (switch). • Packet 3 - start of the EAP-TLS process • Packet 4 - Jetdirect sends it SSL/TLS Client Hello • Packet 11 - Packets 5, 7, 9, 11 are actually fragmented packets that comprise the Server Hello packet. Packet 11 is what it will look like when it is fully assembled. It is fragmented in this way because the server is sending back certificates which are about 3k octets each in length. • Packet 14 - EAP-TLS requires the client (Jetdirect) to send back a client certificate - that is this packet. • Packet 17 - the Authenticator indicates "Success" to Jetdirect and EAP-TLS has been negotiated successfully. Now we know what a good trace is supposed to look like! EAP Unknown User Name Let's look at a common failure, which is when the username that HP Jetdirect is sending is unknown by the Authentication Server. Although we are using EAP-TLS, this information is also valid for PEAP. 76

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
76
Some important packets to look at:
Packet 1 – start of the EAP process, requested by the Authenticator (switch).
Packet 3 – start of the EAP-TLS process
Packet 4 – Jetdirect sends it SSL/TLS Client Hello
Packet 11 – Packets 5, 7, 9, 11 are actually fragmented packets that comprise the Server
Hello packet.
Packet 11 is what it will look like when it is fully assembled.
It is fragmented in
this way because the server is sending back certificates which are about 3k octets each in
length.
Packet 14 – EAP-TLS requires the client (Jetdirect) to send back a client certificate – that is this
packet.
Packet 17 – the Authenticator indicates “Success” to Jetdirect and EAP-TLS has been
negotiated successfully.
Now we know what a good trace is supposed to look like!
EAP Unknown User Name
Let’s look at a common failure, which is when the username that HP Jetdirect is sending is unknown by
the Authentication Server.
Although we are using EAP-TLS, this information is also valid for PEAP.