HP 635n HP Jetdirect Print Servers - How to Use 802.1X on HP Jetdirect Print S - Page 84

The Jetdirect Identity Certificate must be one the Authentication Server Trusts

Get HP 635n - JetDirect IPv6/IPsec Print Server PDF manuals and user guides
UPC - 882780301016
View all HP 635n manuals
Add to My Manuals
Save this manual to your list of manuals

Page 84 highlights

Here we can see that the Server Hello was sent (packet 68) and it must have been accepted because Jetdirect sends the client certificate (packet 69) and did not send a NAK. However, after the client certificate is sent, the Authenticator returns a TLS Alert indicating "Access Denied". There are a few of things to check: • The Jetdirect Identity Certificate must be configured • The Jetdirect Identity Certificate must be one the Authentication Server Trusts • The Jetdirect user in Active Directory must have Jetdirect's certificate mapped to the account that represents Jetdirect. PEAP Almost everything we've covered with EAP-TLS is also valid for PEAP. Let's look at a successful PEAP negotiation. 84

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
84
Here we can see that the Server Hello was sent (packet 68) and it must have been accepted
because Jetdirect sends the client certificate (packet 69) and did not send a NAK.
However, after
the client certificate is sent, the Authenticator returns a TLS Alert indicating “Access Denied”.
There
are a few of things to check:
The Jetdirect Identity Certificate must be configured
The Jetdirect Identity Certificate must be one the Authentication Server Trusts
The Jetdirect user in Active Directory must have Jetdirect’s certificate mapped to the
account that represents Jetdirect.
PEAP
Almost everything we’ve covered with EAP-TLS is also valid for PEAP.
Let’s look at a successful
PEAP negotiation.