manualshive.com logo in svg

HP 635n - JetDirect IPv6/IPsec Print Server, Administrator'S Manual, Page: 126 / 202

Share
Download
HP 635n - JetDirect IPv6/IPsec Print Server Administrator'S Manual Download Page 126

Using Security Features

Access to HP Jetdirect configuration parameters can be controlled through combined use of the
available security features. 

Table 6-2 Settings for Access Control on page 116

 provides examples of

various settings and the associated level of access control.

Table 6-2

  Settings for Access Control

Settings

Level of Access Control

Accessible through HTTP (embedded Web server),
SNMP v1/v2c applications, or Telnet

Administrator password not set

Default SNMP v1/v2c community names used

No authentication or encryption

Access control list empty, or Firewall is disabled.

Low

Best suited for trusted environments.

Any system can access the HP Jetdirect configuration
parameters through the embedded Web server, Telnet, or
SNMP management software. Passwords are not required.

Administrator password set

User-specified SNMP v1/v2 Set Community Name set

The Access Control List contains host entries and checks
HTTP connections

Telnet and other non-secure protocols disabled.

Medium

Limited security for non-trusted environment.

If the Administrator password and SNMP v1/v2c Set
Community Name are known, access is limited to:

systems listed in the Access Control List, and

SNMP v1/v2c management applications

Unused protocols disabled

HTTPS access enabled using certificates issued by
trusted sources

Full-featured Jetdirect print servers configured for EAP/
802.1X server-based authentication and encryption

Full-featured Jetdirect print servers with SNMP v3
enabled, SNMP v1/v2c disabled

Telnet disabled

Passwords set

The Access Control List contains specified entries and
HTTP connections are checked

Printer control panel locked

IPsec/Firewall policy is enabled and configured for use.

High

High security for non-trusted, professionally managed
environments.

Access is controlled by IPsec. Encryption provides data
privacy; network communication in plain-text is not used.

CAUTION:

Power-on settings (for example,

configurations from a BootP/TFTP or DHCP/TFTP
server) may change the print server's settings when it
is power-cycled. Be sure to confirm your intended
power-on settings.

116 Chapter 6   Security Features (V.36.xx)

ENWW

Summary of Contents for 635n - JetDirect IPv6/IPsec Print Server

Page 1: ...HP Jetdirect Print Servers Administrator s Guide J7961G 635n J7997G 630n J7988G en1700 J7993E embedded J8003E embedded J8004E embedded J8005E embedded HP Jetdirect Firmware V 36 ...

Page 2: ......

Page 3: ...HP Jetdirect Print Servers Administrator s Guide Firmware V 36 ...

Page 4: ...nd services Nothing herein should be construed as constituting an additional warranty HP shall not be liable for technical or editorial errors or omissions contained herein Edition 7 5 2007 Trademark Credits Microsoft MS DOS Windows Vista are U S registered trademarks of Microsoft Corporation NetWare and Novell are registered trademarks of Novell Corporation IBM is a registered trademark of Intern...

Page 5: ...s Summary HP Install Network Printer Wizard Windows 10 Requirements 10 HP Jetdirect Printer Installer for UNIX 10 HP Web Jetadmin 11 System Requirements 11 Installing HP Web Jetadmin 11 Verifying Installation and Providing Access 11 Configuring and Modifying a Device 11 Removing HP Web Jetadmin Software 12 Internet Printer Connection Software 12 HP Supplied Software 12 HP Software System Requireme...

Page 6: ...s Systems 37 To Discontinue DHCP Configuration 38 Using RARP IPv4 39 Using the arp and ping Commands IPv4 40 Using Telnet IPv4 41 Creating a Telnet Connection 41 A Typical Telnet Session 42 User Interface Options 43 Using Telnet to Erase the Existing IP Settings 58 Moving to Another Network IPv4 59 Using the Embedded Web Server 59 Using the Printer Control Panel 59 4 Embedded Web Server V 36 xx Re...

Page 7: ...Mgmt Protocols 91 Web Mgmt 91 SNMP 92 SNMP v3 92 Other 92 802 1X Authentication 93 IPsec Firewall 95 Network Statistics 95 Protocol Info 95 Configuration Page 95 Other Links 95 Help 95 Support 95 5 IPsec Firewall Configuration V 36 xx Default Rule Example 100 IPsec Security Associations SA 100 HP Jetdirect IPsec Firewall Wizard 101 Limitations to Rules Templates and Services 101 Step 1 Specify Add...

Page 8: ...es 123 Procedure 4 Resolving Printer Communication Problems with the Network 124 8 HP Jetdirect Configuration Pages HP Jetdirect Configuration Page 128 Status Field Error Messages 128 Configuration Page Format 128 Configuration Page Messages 129 HP Jetdirect Configuration General Information 129 Security Settings 131 Network Statistics 133 TCP IP Protocol Information 133 IPv4 Section 134 IPv6 Sect...

Page 9: ...indows XP Systems 161 Adding Windows Optional Networking Components 161 Configuring a Network LPD Printer 162 Adding a New LPD Printer 162 Creating an LPR Port for an Installed Printer 162 Appendix B FTP Printing Requirements 165 Print Files 165 Using FTP Printing 165 FTP Connections 165 Control Connection 165 Data Connection 166 FTP Login 166 Ending the FTP Session 167 Commands 167 Example of an ...

Page 10: ...viii ENWW ...

Page 11: ...O slot HP Jetdirect external print servers connect printers or MFPs to the network by adapting a printer s input output connector such as a USB port to the network NOTE Unless otherwise specified the term print server in this manual refers to an HP Jetdirect print server and not a separate computer running print server software Supported Print Servers The features and capabilities of HP Jetdirect ...

Page 12: ... 127 Telnet see TCP IP Configuration on page 17 embedded Web server see Embedded Web Server V 36 xx on page 61 and network management applications For firmware updates see Firmware Upgrades on page 5 Supported Network Protocols The supported network protocols and popular network printing environments that use those protocols are listed below Table 1 2 Supported Network Protocols Supported Network ...

Page 13: ... Jetdirect product data sheets for additional network systems and versions For operation with other network environments consult your system vendor or authorized HP dealer 2 Contact your network system vendor for software documentation and support 3 HP Jetdirect J7988G en1700 external print server is a value featured product that supports TCP IP networks only In addition selected TCP IP printing e...

Page 14: ... authentication server such as a RADIUS Remote Authentication Dial In User Service RFC 2138 server Full featured HP Jetdirect print servers support the following EAP 802 1X methods PEAP Protected Extensible Authentication Protocol PEAP is a mutual authentication protocol that uses digital certificates for network server authentication and passwords for client authentication For additional security...

Page 15: ... is provided that is accessed through the embedded Web server For more information see IPsec Firewall Configuration V 36 xx on page 97 Supplied Manuals The manuals listed below provide information on your HP Jetdirect print server Start or Use guides or equivalent printer documentation shipped with printers that have factory installed HP Jetdirect print servers This manual the HP Jetdirect Print S...

Page 16: ...address or host name If a password is set it must be entered to log into the device After user login typical FTP commands to upgrade the device are illustrated below ftp bin ftp hash ftp cd download ftp put firmware image filename ftp ftp bye where firmware image filename specifies the full path name Be sure that the download is complete before exiting the session HP Support By Phone Highly traine...

Page 17: ...ibility For information on HP s commitment to accessibility of HP Jetdirect print server products Visit the HP Web site at http www hp com accessibility Send email to accessibility hp com ENWW Product Accessibility 7 ...

Page 18: ...8 Chapter 1 Introducing the HP Jetdirect Print Server ENWW ...

Page 19: ...ter for client server shared printing Simple printer setup and installation Installable version that runs from your hard disk is available for download from HP s Website NOTE Printer software drivers are not included and must be obtained separately HP Jetdirect Printer Installer for UNIX on page 10 HP UX 10 x 10 20 11 x Solaris 2 6 7 8 SPARCsystems only TCP IPv4 Fast and easy installation of HP Je...

Page 20: ...Once your printers have a network connection either through a cabled wired connection or a wireless connection the wizard installs the printer on your systems or servers that will send print jobs directly to the printer This is called direct mode or peer to peer printing If your system is a server you can share the printer so that network clients can use the printer through the server also known a...

Page 21: ... through a compatible Web browser by browsing to the HP Web Jetadmin host This allows printer installation and management on Novell NetWare and other networks Installing HP Web Jetadmin Before installing the HP Web Jetadmin software you must have administrator or root privileges on the local system 1 Download the installation files from HP online support at http www hp com go webjetadmin 2 Follow ...

Page 22: ...over HTTPS Secure HTTP is supported Features and benefits provided by Internet printing include High quality time sensitive documents can be printed remotely in full color or black and white Documents can be printed remotely at a fraction of the cost of current methods such as fax mail or overnight delivery services The traditional LAN printing model can be extended to that of an Internet Printing...

Page 23: ...enter the print server s URL http IP_address ipp port where IP_address is the IPv4 address configured on the HP Jetdirect print server ipp port identifies the port number which is port 1 for single port print servers default is ipp port1 Example http 192 160 45 40 An IPP connection to an HP Jetdirect print server with IPv4 address 192 160 45 40 ipp port1 is assumed and not required NOTE For a Secu...

Page 24: ...S X v10 4 system the printer must be on the same network segment that is not across a router In addition the Network Port Configurations setting must have the appropriate network port enabled for example Built in Ethernet is active and is listed at the top of the ports list To uniquely identify a printer on a network that contains many printers print a Jetdirect Configuration page from the printer...

Page 25: ...gs When printing a configuration page make sure a READY message appears on the control panel for at least 1 minute before printing the page For information on the contents of the configuration page see HP Jetdirect Configuration Pages on page 127 Testing the Configuration 1 Open Safari and display a page 2 Click the Safari File menu and select Print 3 In the Printer field select the printer and th...

Page 26: ...16 Chapter 2 HP Software Solutions Summary ENWW ...

Page 27: ...by the printer MFP device IPv6 Address Introduction An IPv6 address consists of 128 bits The normal format of an IPv6 address is eight fields each separated by a colon Each field contains four hexadecimal digits representing 16 bits hhhh hhhh hhhh hhhh hhhh hhhh hhhh hhhh where h is a hexadecimal digit 1 through 0 A through F This is sometimes called colon hexadecimal format Depending on the appli...

Page 28: ... are active however a manually configured address is disabled by default and must be manually enabled Stateless addresses assigned to the print server are under the control of a router Stateful addresses are normally assigned by a DHCPv6 server under the direction of a router however the print server can be configured to always use stateful configuration or to use stateful configuration if statele...

Page 29: ... by the router Stateless configuration fails Use DHCPv6 stateful configuration if stateless configuration fails Always use DHCPv6 On startup always use DHCPv6 for stateful configuration Stateful configuration is useful when host configuration beyond what a router can provide is necessary such as a domain name or DNS server addresses Using DNS HP Jetdirect print servers support the configuration of...

Page 30: ...e if the print server s link local IPv6 address is fe80 20e 7fff fee8 1dd and the Windows system contains a LAN interface with 3 appended to its link local address you would use the following command ping6 fe80 20e 7fff fee8 1dd 3 Note that depending on the local interface used a route to the remote host address may need to be created IPv6 addresses as URL As a URL in a Web browser an IPv6 address...

Page 31: ...lt IP address may or may not be assigned depending on the network environment Default IP Address Will Not Be Assigned A default IP address will not be assigned if a server based method such as BOOTP or DHCP is successful And if the print server is powered off on the same method will again be used to retrieve IP configuration settings If this method now fails to retrieve the IP configuration settin...

Page 32: ...54 16 or 192 0 0 192 In this case you should verify on the Jetdirect configuration page that the assigned default IP address is as expected The IP address configured on your print server may be determined by inspecting the Jetdirect configuration page for the print server See HP Jetdirect Configuration Pages on page 127 Default IPv4 Address Configuration Options Default IPv4 Parameter A Default IP...

Page 33: ...e protocols are supported on HP UX Solaris Linux Windows 2000 Server 2003 NetWare and Mac OS systems Refer to your network operating system manuals to verify that your server operating system supports DHCP For more information see Using DHCP IPv4 on page 36 NOTE Linux and UNIX systems For more information see the bootpd man page On HP UX systems a sample DHCP configuration file dhcptab may be loca...

Page 34: ...cated on the BOOTP server or a separate TFTP server BOOTP TFTP servers are typically UNIX or Linux systems Windows 2000 Server 2003 and NetWare servers can respond to BOOTP requests Windows 2000 Server 2003 servers are configured through Microsoft DHCP services see Using DHCP IPv4 on page 36 However Windows 2000 Server 2003 systems may require third party software for TFTP support For setup of Net...

Page 35: ...ful sends the corresponding configuration data to the Jetdirect print server as a BOOTP reply The configuration data in the etc bootptab file must be properly entered For a description of entries see Bootptab File Entries IPv4 on page 25 The BOOTP reply may contain the name of a configuration file containing enhanced configuration parameters If the HP Jetdirect print server finds such a file it wi...

Page 36: ... Jetdirect print server sends syslog messages to hn 12 The host name tag This tag does not take a value but causes the BOOTP daemon to download the host name to the HP Jetdirect print server The host name will be printed on the Jetdirect configuration page or returned on an SNMP sysName request by a network application NOTE Names such as host names must begin with a letter and can contain only let...

Page 37: ... Port Number For supported HP Jetdirect print servers the Port Number is 1 default Option Option value 0 default disables interlock 1 enables Example 1 1 specifies Port 1 interlock enabled T150 TFTP server s IP address option An HP proprietary tag to specify the TFTP server s IP address where the TFTP configuration file is located T151 Network Configuration option An HP proprietary tag to specify ...

Page 38: ...orted by HP Jetdirect print servers Optional commands for the same function are shown in parentheses Table 3 2 TFTP Configuration File Parameters General passwd or passwd admin A password up to 16 alphanumeric characters that allows administrators to control changes of HP Jetdirect print server configuration parameters through Telnet HP Web Jetadmin or embedded Web server The password may be clear...

Page 39: ...n Name System server sec dns svr The IP address of a secondary DNS server to use if the primary DNS server is unavailable pri wins svr or pri wins srv The IP address of the primary Windows Internet Naming Service WINS server sec wins svr or sec wins srv The IP address of the secondary Windows Internet Naming Service WINS server TCP IP Print Options 9100 printing or 9100 config Enables or disables ...

Page 40: ...TCP port 9100 Valid ports are 3000 to 9000 which are application dependent TCP IP Access Control allow netnum mask Makes an entry into the host access list stored on the HP Jetdirect print server Each entry specifies a host or network of hosts that are allowed to connect to the printer The format is allow netnum mask where netnum is a network number or host IP address and mask is an address mask o...

Page 41: ...s due to inactivity on the network To enable this feature set a value from 1 to 1440 minutes Set 0 to disable this feature ttl slp Specifies the IP multicast Time To Live TTL setting for Service Location Protocol SLP packets The default value is 4 hops the number of routers from the local network The range is 1 to 15 When set to a 1 multicast capability is disabled bonjour config Enables or disabl...

Page 42: ...cifies the maximum segment size MSS that the HP Jetdirect print server will advertise for use when communicating with local subnets Ethernet MSS 1460 bytes or more or remote subnets MSS 536 bytes 0 default All networks are assumed to be local Ethernet MSS 1460 bytes or more 1 Use MSS 1460 bytes or more for subnets and MSS 536 bytes for remote networks 2 All networks are assumed to be remote MSS 53...

Page 43: ...re upgrades through current HP downloading utilities will be disabled get cmnty name or get community name Specifies a password that determines which SNMP GetRequests the HP Jetdirect print server will respond to This is optional If a user specified get community name is set the print server will respond to either a user specified community name or the factory default The community name must be AS...

Page 44: ...23 EN_II ipx sapinterval Specifies the time interval 1 to 3600 seconds that the HP Jetdirect print server waits between Service Advertising Protocol SAP broadcasts on the network The default is 60 seconds 0 disables SAP broadcasts ipx nds tree Identifies the name of the Novell Directory Services NDS tree for this printer ipx nds context An alphanumeric string up to 256 characters that specifies th...

Page 45: ...a higher version than the currently installed version The print server will attempt to upgrade when the upgrade file contains a higher version than the installed version The command format is upgrade TFTP server IP Version Product Number Filename where TFTP Server IP is the IP address of the TFTP server Version specifies the firmware version of the upgrade file Product Number specifies and must ma...

Page 46: ...P Jetdirect print server uses If you have a DHCP server on your network the HP Jetdirect print server automatically obtains its IP address from that server and registers its name with any RFC 1001 and 1002 compliant dynamic name services as long as a WINS Windows Internet Naming Service server IP address has been specified A TFTP Trivial File Transfer Protocol configuration file may also be used w...

Page 47: ... perform the following steps 1 Run the Windows DHCP manager utility Windows 2000 Click Start then select Settings and Control Panel Open the Administrative Tools folder and run the DHCP utility Server 2003 Click Start then select Control Panel Open the Administrative Tools folder and run the DHCP utility 2 In the DHCP window locate and select your Windows server in the DHCP tree If your server is ...

Page 48: ...another reserved client or click Close The reserved clients added will be displayed in the Reservations folder for this scope 12 Close the DHCP manager utility To Discontinue DHCP Configuration CAUTION Changes to an IP address on your HP Jetdirect print server may require updates to printer or system printing configurations for clients or servers If you do not want your HP Jetdirect print server c...

Page 49: ...UNIX or Linux system as a superuser 3 Make sure the RARP daemon is running on your system by typing the following command at the system prompt ps ef grep rarpd Unix ps ax grep rarpd BSD or Linux 4 The system response should be similar to the following 861 0 00 2 24 72 5 14 03 0 00 rarpd a 860 0 00 5 36 140 5 14 03 0 00 rarpd a 5 If the system does not display a process number for the RARP daemon s...

Page 50: ...guration page or on a label attached to HP Jetdirect external print servers NOTE On some systems super user rights may be required for the arp command After an IP address is assigned through arp and ping commands use other tools such as Telnet embedded Web server or HP Web Jetadmin software to configure other IP parameters To configure a Jetdirect print server use the following commands arp s IP a...

Page 51: ...ave a similar IP address that is the network portion of their IPv4 addresses match chances are that a route will exist If their IPv4 addresses do not match then you can either change your workstation s IPv4 address to match or you can try an operating system command to create a route to the print server For example if the print server is configured with a legacy default IP address 192 0 0 192 a ro...

Page 52: ...on Initiating a typical Telnet session is illustrated below To set configuration parameters you must set up a Telnet session from your system to the HP Jetdirect print server 1 Type the following at the system prompt telnet IP address where IP address is the IP address listed on the Jetdirect configuration page See HP Jetdirect Configuration Pages on page 127 2 A connection to the HP Jetdirect pri...

Page 53: ...ration information enter 1 At the Telnet prompt type command parameter value then press Enter where command parameter refers to the configuration parameter you are defining and value refers to the definitions you are assigning to that parameter Each command entry is followed by pressing Enter carriage return See Table 3 3 Telnet Commands and Parameters on page 44 for configuration parameters 2 Rep...

Page 54: ...e next Telnet session you will be prompted for a user name and this password To clear the password enter the command without password and confirmation entries Passwords may be cleared by a cold reset sys location Alpha numeric string up to 255 characters typically used to identify a location sys contact Alpha numeric string up to 255 characters typically used to identify the name of a network or d...

Page 55: ...icies are enabled the status will be read only 0 Disable IPsec Firewall operation if it is enabled 1 Read Only Indicates IPsec Firewall policies are configured and enabled Use the embedded Web server to configure and enable IPsec Firewall policies ip IP address for the print server in dotted notation For example ip config manual ip 192 168 45 39 where manual specifies manual configuration and ip m...

Page 56: ...y DNS server is unavailable pri wins svr The IP address of the primary Windows Internet Naming Service WINS server in dotted notation sec wins svr The IP address of the secondary Windows Internet Naming Service WINS server in dotted notation TCP IP Print Options 9100 printing Enables or disables printing to TCP port 9100 on the print server 0 disables 1 default enables ftp printing Enables or disa...

Page 57: ...he use of lower and uppercase characters only Otherwise management of LPD queues by other tools may yield unpredictable results deleteq Delete a user specified queue The queue name must be specified in the deleteq command line defaultq Name of the queue to be used if the queue specified for a print job is unknown By default the default queue is AUTO addstring Adds a user defined character string t...

Page 58: ...g messages are disabled syslog facility A code used to identify the source facility of a message for example to identify the source of selected messages during troubleshooting By default the HP Jetdirect print server uses LPR as the source facility code but local user values of local0 through local7 can be used to isolate individual or groups of print servers slp config Enables or disables the Ser...

Page 59: ...ned corresponds to user specified LPD queues 5 through 10 The default selection will depend on the printer typically port 9100 printing or LPD binps ftp download Enable or disable the ability to download firmware upgrade files to the print server using FTP File Transfer Protocol 0 disables 1 default enables ttl slp Specifies the IP multicast Time To Live TTL setting for Service Location Protocol S...

Page 60: ... or more for subnets and MSS 536 bytes for remote networks 2 All networks are assumed to be remote MSS 536 bytes except the local subnet MSS affects performance by helping to prevent IP Fragmentation that may result in data retransmission tcp msl Specifies the maximum segment life MSL in seconds The range is 5 120 seconds The default is 15 seconds gw disable Specifies whether or not to automatical...

Page 61: ...unt of time in seconds that the print server will wait for DHCP configuration offers A value from 1 to 10 may be set The default is 5 seconds stateless dhcpv4 When enabled allows additional IP parameters to be automatically configured from a DHCPv4 server even when the print server is statically configured such as a manually configure IP address subnet mask and default gateway 0 disables 1 default...

Page 62: ... SetRequest must match the print server s set community name for the print server to respond For additional security you may limit configuration access through the print server s host access list Community names must be ASCII characters The maximum length is 255 characters default get cmnty Enables or disables the default Get community name 0 disables 1 default enables Disabling this parameter may...

Page 63: ...nformation see HP Jetdirect Configuration Pages on page 127 ipx sapinterval Specifies the time interval 1 to 3600 seconds that the HP Jetdirect print server waits between Service Advertising Protocol SAP broadcasts on the network The default is 60 seconds 0 disables SAP broadcasts ipx mode Read only parameter Specifies the NetWare mode configured on the print server either RPRINTER or QSERVER mode...

Page 64: ...tdirect print server Status Read only parameter Indicates the current AppleTalk configuration status READY Indicates the HP Jetdirect print server is awaiting data DISABLED Indicates that AppleTalk was manually disabled INITIALIZING Indicates that the print server is registering the node address or name An additional status message may also be displayed DLC LLC dlc llc config Enables or disables D...

Page 65: ...tdirect print server 1 default Enable 0 Disable ws discovery conf Enable or disable the Microsoft Web Services Dynamic Discovery WS Discovery protocols on the print server 1 default Enable 0 Disable 1000t ms conf Use this command to configure the print server as a master or slave device on a 1000T network AUTO or 0 default A master slave configuration is automatically sensed and assigned MASTER or...

Page 66: ... printer UNIDIR A standard connection in which data is transferred in one direction only to the printer usb speed Read only parameter USB 2 0 products only Specifies the autonegotiated communication speed over the USB connection between the HP Jetdirect print server and the device Full Speed 12 Mbits sec as specified in the USB v2 0 specifications compatible with USB v1 1 specifications Hi Speed 4...

Page 67: ...isplayed when you type the menu command during a Telnet session with the HP Jetdirect print server The Menu interface eliminates the need to memorize commands and provides structured menu lists for easy access to configuration parameters Figure 3 1 Example Using the Menu Interface on page 58 illustrates the Menu interface using the TCP IP menus as an example From the Main Menu screen select and en...

Page 68: ...t Specified Would you like to change any of the settings Y N Y Host Name printer1 TCP IP Menu 1 TCP IP Main Settings 2 TCP IP Print Options 3 TCP IP Raw Print Ports 4 TCP IP Access Control 5 TCP IP Other Settings 6 TCP IP Diagnostics 0 Return to Main Menu Enter Selection 1 Figure 3 1 Example Using the Menu Interface To edit these parameters enter Y Use the Backspace key to edit the parameters Chan...

Page 69: ...ually set for example from the printer control panel or Telnet reconfigure IP parameters as described in this chapter Using the Embedded Web Server You can use the embedded Web server on the HP Jetdirect print server to configure or view IPv4 and IPv6 parameters For more information refer to Embedded Web Server V 36 xx on page 61 Using the Printer Control Panel When supported by the printer HP Jet...

Page 70: ...rnate configuration tool such as Telnet IPv4 or the embedded Web server as described in this guide If the HP Jetdirect print server is configured with TCP IP parameters from the printer control panel the configuration is saved on the print server when powered off on 60 Chapter 3 TCP IP Configuration ENWW ...

Page 71: ... to device and networking pages The tabs and functions displayed will vary depending on the capabilities of the device and the HP Jetdirect print server firmware version For a description of the device pages see the embedded Web server documentation supplied with your printer or MFP device The Networking tab is displayed and controlled by the Jetdirect print server A typical Networking tab served ...

Page 72: ...the IPv4 IPv6 SNMP v3 agent and seamlessly create an SNMP v3 account on the print server NOTE HP Web Jetadmin 8 0 does not support SNMP configuration over IPv6 protocols However Jetdirect MIB configuration objects such as IPv6 and IPsec objects may be viewed over IPv4 Currently browser support between HP Web Jetadmin and the embedded Web server may differ For supported browsers with HP Web Jetadmi...

Page 73: ...n gain access to the embedded Web server To access the embedded Web server perform the following steps 1 Run a supported Web browser 2 Enter the IP address or fully qualified domain name FQDN of the print server as the URL NOTE For browsers that support direct IPv6 address entries an IPv6 address is typically enclosed in brackets See your system documentation If you do not know the FQDN for the de...

Page 74: ... if a Web server in the attached device cannot be accessed or does not exist The HP Jetdirect home page displays a generic printer graphic to represent the attached device The HP Jetdirect print server s product model firmware version and network addresses are displayed along with any device information that can be retrieved Table 4 1 HP Jetdirect Home Page Items on page 64 provides a summary of t...

Page 75: ...dress The LAA may be configured under local control by a network administrator By default the LAA is the factory assigned LAN Hardware address Admin Password Specifies whether or not an administrator password has been set This password may also be configured through a Telnet session with the HP Jetdirect print server or from HP Web Jetadmin Because passwords are synchronized with selected printers...

Page 76: ...oduct information to HP using the Internet Product identification and usage data collected by HP will be used to improve product features and services Personal data is not collected in accordance with HP privacy policies See the Hewlett Packard Online Privacy Statement at http www hp com If you choose to decline by pressing No a log entry to record this choice may be sent to HP To prevent HP from ...

Page 77: ...configure a host name see the Network Identification tab IPv4 Status Indicates the status of the IPv4 protocol IPv4 cannot be disabled from the embedded Web server in this release Fully Qualified Domain Name IPv4 IPv6 The fully qualified domain name FQDN consists of the device s host name and domain name Unless the network administrator segments domains into separate IPv4 and IPv6 hosts the FQDN c...

Page 78: ...etwork device The name must start with a letter and can end in a letter or number up to 32 ASCII characters The default name is NPIxxxxxx where xxxxxx are the last six digits of the LAN hardware MAC address NOTE Names such as host names must begin with a letter and can contain only letters numbers periods for domain names only or hyphens The underline character _ is not allowed Domain Name IPv4 IP...

Page 79: ...ion to session The default service name is the printer model along with the last six digits of the LAN Hardware MAC address To change the name assigned to this device or service enter an alphanumeric string of up to 64 ASCII characters Bonjour Domain Name Read only parameter Specifies the Bonjour domain name assigned to the device in the form host name local If a host name has not been assigned th...

Page 80: ...sts on the local link without routers Stateless Addresses Read only parameters The stateless addresses and prefix lengths configured on the print server are listed Stateless addresses are assigned under the control of a router DHCPv6 Addresses This section allows you to configure the DHCPv6 policy that the print server uses for stateful addresses assigned by a DHCPv6 server To set the DHCPv6 polic...

Page 81: ...tory default configuration To change the order of the list select an entry and use the up or down arrows to move it Reset to default scheme This button resets the precedence table to the default sequence described above Reinitialize Now This button saves the new precedence table clears the configuration method to its factory default setting and restarts the IP stack Clear Previous Values and Reini...

Page 82: ...racters When configured this parameter will be displayed on the Protocol Info page and the HP Jetdirect Home tab if available Proxy Server For printers MFPs that support this feature IPv4 only Specifies the proxy server to be used by embedded applications in your printer MFP A proxy server is typically used by network clients for Internet access It caches Web pages and provides a degree of Interne...

Page 83: ...Location Protocol SLP packets The default value is 4 hops the number of routers from the local network The range is 1 15 If set to 1 multicast capability is disabled For print servers configured for Auto IP link local addresses this field will be ignored TTL on outbound packets will always be set to 255 and limited to the link local network Syslog Server IPv4 only Specifies the IP address of a hos...

Page 84: ...ernet II EN_II limits the frame type to IPX over Ethernet frames Ethernet 802 2 EN_8022 limits the frame type to IPX over IEEE 802 2 with IEEE 802 3 frames Ethernet SNAP EN_SNAP limits the frame type to IPX over SNAP with IEEE 802 3 frames SAP Interval Specifies the time interval in seconds that the HP Jetdirect print server waits to send Service Advertising Protocol SAP messages which are broadca...

Page 85: ...escription of items on this page NOTE The AppleTalk parameters displayed include the AppleTalk printer types that are advertised on the network The HP Jetdirect print server supports AppleTalk Phase 2 only Table 4 10 AppleTalk Tab Settings Item Description AppleTalk Enable checkbox Enable check or disable clear the AppleTalk protocol on the print server If AppleTalk is enabled AppleTalk parameters...

Page 86: ...ct print server An SNMP Get Community Name is a password to retrieve or read SNMP information on the HP Jetdirect print server An incoming SNMP SetRequest or GetRequest command must contain the appropriate Set or Get community name before the print server will respond A community name must be ASCII characters and can be up to 255 characters long To restrict access the default Get community name pu...

Page 87: ...econds for embedded Web diagnostic page updates Misc Settings The Misc Settings Miscellaneous Settings parameters allow you to set a variety of advanced protocols and features as described below See Table 4 12 Miscellaneous Settings on page 77 Table 4 12 Miscellaneous Settings Item Description SLP Config Enable or disable SLP Service Location Protocol used by selected client application software t...

Page 88: ...very WS Discovery protocols on the print server Link settings For wired 10 100 1000T Ethernet Sets the print server s link speed 10 100 1000 Mbps and communication mode Full or Half Duplex The available link speed selections depend on the print server model The selections that may be displayed are listed below CAUTION If you change the link setting network communications with the print server and ...

Page 89: ...e print server at the time the error was detected HP support personnel may be required to interpret the pages None A diagnostic page will not be printed Dynamic Raw Port Setting Allows additional ports to be specified for printing to TCP port 9100 Valid ports are 3000 to 9000 which are application dependent Disable listening on these ports NOTE If available this item may be superseded or overridde...

Page 90: ... the path to the upgrade file or click Browse to locate it 2 Then click Upgrade Firmware LPD Queues The LPD Queues page allows you to specify LPD line printer daemon print queues on the Jetdirect print server For more information on LPD printing and print queues see LPD Printing on page 153 LPD printing must be enabled on the print server before you can set LPD queues If LPD is disabled go to the ...

Page 91: ...ese four queue types RAW No processing The line printer daemon treats the data in a raw queue as a print job that has already been formatted in PCL PostScript or HP GL 2 and sends it to the printer without modification Note that any user defined Prepend or Append string will be added to the job in the appropriate position TEXT Carriage return added The line printer daemon treats data in text queue...

Page 92: ...are different for different operating systems refer to LPD Printing on page 153 for details Example If you had an LPD printer and wanted to reset it at the start of each print job you could set up a user defined print queue named clear_printer that issues a PCL reset command Escape E at the beginning of each job You could set this up as follows First set up the print queue a Name a string Type res...

Page 93: ... multiple channels of simultaneous print scan and status communication Bidirectional This level provides basic two way printer communications Print data is sent to the printing device and status information is returned from the printing device Unidirectional This is the lowest communication level and provides one way printer communication from the print server to the printing device The communicat...

Page 94: ...erly set for your network Select the Wizard tab to open the initial Wizard page If prompted with security alerts click Yes to proceed The Wizard page identifies the current security level that was last configured on the print server If a security level has not been configured the security level will be None However if HTTPS is required for access to the networking pages then the default setting wi...

Page 95: ...anage devices using HP Web Jetadmin See SNMP on page 76 Enable SNMPv1 v2 read only access Enable this option to allow support of current tools that rely on SNMP v1 v2 for device discovery and status The Configuration Review page displays all the current settings that may affect security Click Finish to set your basic security selections Custom Security This option allows you to manually set all av...

Page 96: ...and HP Web Jetadmin In addition for selected printers the password is shared with the printer see Printer Password Synchronization on page 86 below If a password is set and you attempt to access Jetdirect print server settings you will be prompted for a user name and this password before you are allowed access NOTE If you have logged into the print server using an administrator password the admini...

Page 97: ...direct certificate The Jetdirect certificate is used to validate the identity of the Jetdirect device to clients and to network authentication servers By factory default a self signed Jetdirect certificate is pre installed This allows the embedded Web server to use HTTPS and appear as a secure site when accessed by a Web browser Click View to view the contents of an installed Jetdirect certificate...

Page 98: ... option you are prompted for specific device and organizational information in the following screen Certificate Information This option may be used for example when an authentication protocol requires that a Jetdirect certificate issued by a trusted third party or Certificate Authority be installed Install Certificate This option is displayed only if there is a Jetdirect certificate request to a t...

Page 99: ... device Examples Domain Name myprinter mydepartment mycompany com IP address 192 168 2 116 The Common Name will be used to uniquely identify the device For HP Jetdirect print servers using EAP authentication some authentication servers may need to be configured with the Common Name as specified on the certificate If the default IP address 192 0 0 192 is configured on the Jetdirect print server it ...

Page 100: ...curity and performance Use this tab to display the Access Control List ACL on the HP Jetdirect print server An access control list or host access list specifies individual host systems or networks of host systems that will be allowed to access the print server and the attached network device Up to 10 entries can be included on the list If the list is empty no hosts are listed any supported system ...

Page 101: ...to use HTTPS may be transparent depending on your browser s capabilities NOTE IPP is not supported on value based print servers By factory default HP Jetdirect print servers and printers with IPsec support are configured to require HTTPS only Although not recommended HTTPS and HTTP communications that are not secure can be allowed by clearing the Encrypt All Web Communication checkbox To support t...

Page 102: ...the initial account by specifying the HMAC MD5 authentication and CBC DES data privacy encryption keys used by your SNMP v3 management application CAUTION You should disable Telnet and ensure secure embedded Web communications through HTTPS is enabled before creating the initial SNMP v3 account This will help to prevent access or interception of account information over a connection that is not se...

Page 103: ...the print server Enable Management Protocols Enable or disable Telnet access and the use of FTP to upgrade firmware on the print server Telnet and FTP are not secure protocols and device passwords may be intercepted Enable or disable RCFG a remote IPX configuration protocol used by older management tools to configure Novell NetWare parameters Disabling RCFG does not affect direct mode printing usi...

Page 104: ...ficate Authority CA for the authentication server The entry may be a partial string right most characters unless the Require Exact Match checkbox is enabled Encryption Strength Specify the minimum encryption strength that can be used during communications with the authentication server You may select Low Medium or High encryption strength For each encryption strength ciphers are specified to ident...

Page 105: ...the HP Jetdirect print server for each protocol Use these lists to validate your desired settings Configuration Page This page provides a view of the HP Jetdirect configuration page that contains a summary of HP Jetdirect status and configuration information The contents of this page are described in HP Jetdirect Configuration Pages on page 127 Other Links Help On Networking tab pages click to dis...

Page 106: ...96 Chapter 4 Embedded Web Server V 36 xx ENWW ...

Page 107: ...on to Firewall and IPsec protection at the network layer the print server also supports an SNMPv3 agent at the application layer for management application security and open Secure Sockets Layer SSL standards at the transport layer for secure client server applications for example client server authentication or HTTPS Web browsing For IPsec Firewall operation on the print server you must configure...

Page 108: ...Figure 5 1 Firewall Policy page Figure 5 2 IPsec Policy page 98 Chapter 5 IPsec Firewall Configuration V 36 xx ENWW ...

Page 109: ... a security risk may exist Future networking applications that are deployed after the IPsec Policy is in place may not be IPsec protected unless the All Services template is used For example installing a third party Chai service plug in or upgrading firmware for the printer or print server may result in a new service that is not covered by the IPsec policy Policies should be revisited whenever fir...

Page 110: ...et that is not IPsec protected but with an IPv4 address to a service port other than port 9100 such as Telnet would be allowed and processed If the Default Rule is set to Drop then An IP packet that is not IPsec protected but with an IPv4 address directed to printing port 9100 would not be processed dropped because it violates the configured rule An IPsec packet with IPv4 address directed to print...

Page 111: ...this action you will be prompted to configure an IPsec template that is the IPsec authentication encryption settings to be applied to the specified IP traffic See the illustration below HP Jetdirect IPsec Firewall Policy IPsec Firewall Rules Use the IPsec Firewall Wizard to Configure Each Rule Step 1 select Addresses1 Step 2 select Services1 Step 1 select Addresses2 Step 2 select Services2 Step 3 ...

Page 112: ...maximum number of user defined address templates that can be configured 8 The maximum number of services that can be added to a user defined service template NOTE The predefined All Services template is not subject to this limitation and will include all services supported by the print server 64 The maximum number of services that can be added to the policy For example if a user defined service te...

Page 113: ... These may be used for example when DHCP servers assign IP addresses from a scope of addresses Step 2 Specify Service Template The available service templates for which a rule will apply are listed in the Service Templates field by name Select a predefined template or click New to create and add a custom template to the list CAUTION If the All Services template for a rule is not specified a securi...

Page 114: ...vices Common Printer MFP Services Contains a list of common printer MFP services supported by the print server Manage Custom Services Click this button to create and manage user defined services Manage Custom Services Use this page to add or remove custom services to the Manage Services page To add a custom service 1 Enter a name for the custom service 2 Specify the Protocol Service Type and Servi...

Page 115: ...ICMP Internet Control Message Protocol does not use ports instead it uses well known message types NOTE ICMP messages are typically used for error control or information messages between network hosts Add Use this button to add the custom service to the Configured Custom Services list Configured Custom Services This list identifies the custom services that have been configured Delete Use this butt...

Page 116: ...will differ when you click Next Table 5 7 Create IPsec Template page Item Description IPsec Template Name Enter a name for a custom IPsec template in the edit box This name will be added to the Specify IPsec Template page NOTE The IPsec template name must be unique Authentication Type Hosts specified in the Address template must negotiate IPsec security settings during a session During negotiation...

Page 117: ...laced In addition a CA certificate must be installed for server authentication Status indicates whether a certificate is installed or not installed Click View to view the certificate data of an installed certificate Click Configure to manage or install a certificate For information on requesting configuring and installing certificates see Configuring Certificates on page 88 Kerberos Select Kerbero...

Page 118: ...s status indicates Configured Kerberos Settings For Kerberos authentication use the wizard to manually configure Kerberos account settings on the print server 1 Use the Kerberos Settings page to configure Kerberos account and configuration settings 2 Click Next to return to the Identity Authentication page and confirm that Kerberos status indicates Configured Table 5 10 Kerberos Settings page Item...

Page 119: ...sociations dynamically Use this page to configure SA parameters for authentication and to securely generate IPsec session keys for encryption and authentication algorithms Items on this page are described below Table 5 11 IKE Phase 1 Authentication page Item Description Negotiation Mode Required IKE provides two modes of negotiation during an exchange for keys and security services to be used for ...

Page 120: ...abled If you enable ESP and AH you must select AH authentication methods Security Association SA Lifetime Specify the Security Association lifetime either in seconds in the number of kilobytes KB or both Within the limits specified shorter lifetimes will provide improved security depending on the frequency of SA use Use 0 to disable Advanced IKE Settings button Click this button to configure advan...

Page 121: ...apsulating Security Payload ESP protocol for IP packets ESP headers are inserted in packets to ensure privacy and integrity of packet contents Select among the supported encryption methods strengths and authentication methods to be used for data protection AH Use IPsec Authentication Header AH protocol for IP packets AH headers are inserted in packets to protect integrity of packet contents throug...

Page 122: ...entries Encryption Enter encryption keys in the fields provided In Enter the Encryption keys for packets received by the device Out Enter the Encryption keys for packets sent by the device Authentication Enter authentication keys in the fields provided Authentication keys must be the same for ESP and AH protocols if both are enabled In Enter the authentication keys for packets received by the devi...

Page 123: ...ur browser Digital certificates issued by a trusted third party can be installed on the print server allowing it to be configured as a trusted site Using HTTPS the embedded Web server provides configuration and management of network parameters and protocols through a secure channel An HP Jetdirect Security Configuration Wizard provides an easy to use interface to configure security settings Full f...

Page 124: ...the HP Jetdirect print server using TFTP IPv4 Telnet IPv4 embedded Web server or SNMP IPv4 management software Telnet Control Telnet IPv4 access is not secure Telnet may be disabled through the embedded Web server see Embedded Web Server V 36 xx on page 61 Authentication and Encryption Certificate management for X 509v3 digital certificates is provided through the embedded Web server for both clie...

Page 125: ...er features For more information refer to the HP Web Jetadmin online help For full featured print servers only HP Web Jetadmin can seamlessly enable the IPv4 IPv6 SNMP v3 agent on the print server and create an SNMP v3 account for secure encrypted management Printer Control Panel Lock Selected HP printers provide a control panel lock that prevents access to HP Jetdirect print server configuration ...

Page 126: ... protocols disabled Medium Limited security for non trusted environment If the Administrator password and SNMP v1 v2c Set Community Name are known access is limited to systems listed in the Access Control List and SNMP v1 v2c management applications Unused protocols disabled HTTPS access enabled using certificates issued by trusted sources Full featured Jetdirect print servers configured for EAP 8...

Page 127: ...ms A Jetdirect configuration page see HP Jetdirect Configuration Pages on page 127 A Printer Configuration or Diagnostic Page Documentation that came with your printer Documentation that came with your HP Jetdirect print server The diagnostics tools and utilities provided with your network software for example Novell NetWare utilities TCP IP utilities or network printer management applications suc...

Page 128: ...Network clients may lose their connection to the printer For older HP LaserJet printers a cold reset is performed by power cycling the printer while pressing the Go Start or Pause Resume button For recent HP LaserJet printers MFPs use the same procedures as for Jetdirect embedded print servers described below For other printers refer to your printer manuals Or visit http www hp com support and sea...

Page 129: ...utton on MFPs with numeric keypads only until the three control panel lights Ready Data Attention blink and then remain on 3 Release the Select button or 6 button The control panel will display Select Language 4 Press the down arrow M button or 9 button until Cold Reset appears 5 Press the Select button or 6 button to perform a cold reset and then continue its power on sequence ENWW Resetting to F...

Page 130: ... on MFPs with numeric keypads only until the three control panel lights Ready Data Attention blink and then remain on 3 Release the Select button or 6 button The control panel will display Select 4 Press the down arrow M button or 9 button until Embedded LAN disable appears 5 Press the Select button or 6 button to perform disable the embedded print server and then continue its power on sequence 6 ...

Page 131: ...l display a READY message Is the printer communicating with the network YES Does an I O Card Ready message appear on the config page If the problem persists see your network documentation NO See Procedure 1 NO See Procedure 2 NO See Procedure 3 NO See Chapter 8 NO YES YES YES YES See Procedure 4 Figure 7 1 Assessing the Problem ENWW General Troubleshooting 121 ...

Page 132: ...appear on the printer control panel display See Procedure 3 in this section for a list of network related error messages and corrective actions See your printer documentation for a complete list of control panel messages and corrective actions Procedure 2 Printing an HP Jetdirect Configuration Page The HP Jetdirect configuration page is an important troubleshooting tool The information on this pag...

Page 133: ...you have already printed a configuration page 1 For LaserJet printers or MFPs does the control panel display a Service Error message such as 49 XXXX 79 XXXX or 8X XXXX error Refer to your printer manuals to interpret the error message If you upgraded the Jetdirect firmware recently power the print server off on For EIO and embedded Jetdirect print servers turn the printer off and back on again Ver...

Page 134: ...pecifications 2 Are your network cables connected properly Make sure that the printer is attached to the network using the appropriate HP Jetdirect print server port and cable Check each cable connection to make sure it is secure and in the right place If the problem continues try a different cable or network port on the hub or switch 3 For 10 100 1000Base T print servers is auto negotiation prope...

Page 135: ...s 10 If you are on a TCP IP network can you use Telnet to print directly to the printer Use the following Telnet command telnet IP address port where IP address is the IPv4 address assigned to the HP Jetdirect print server and port is 9100 the default printing port of the print server In the Telnet session type in data and press Enter The data should print to the printer a manual form feed may be ...

Page 136: ...126 Chapter 7 Troubleshooting the HP Jetdirect Print Server ENWW ...

Page 137: ...omatically print after a printer configuration page is printed For instructions see your printer manuals An HP Jetdirect configuration page can also be viewed over the network from a management utility such as HP Web Jetadmin or by accessing the embedded Web server on the HP Jetdirect print server see Embedded Web Server V 36 xx on page 61 If supported by the print server a Security configuration ...

Page 138: ...rror codes and related error messages may be displayed in a Status field For information on each error message see Table 8 13 Error Messages on page 140 Configuration Page Format A typical Jetdirect configuration page is illustrated in Figure 8 1 Typical Jetdirect Configuration Page on page 128 The configuration page information provided will vary depending on the print server model and firmware v...

Page 139: ...page 133 TCP IP IPv4 IPv6 Provides the current status and parameter values for TCP IP network protocols For general information see Table 8 6 TCP IP Configuration Information on page 134 For IPv4 see Table 8 7 IPv4 Section on page 134 For IPv6 see Table 8 8 IPv6 Section on page 136 For error messages see Table 8 13 Error Messages on page 140 IPX SPX Provides the current status and parameter values...

Page 140: ... by some network adiministrators The default address is the print server s factory default LAN hardware address PORT CONFIG Identifies the link configuration of the RJ 45 port on the HP Jetdirect wired Ethernet print server 10BASE T HALF 10 Mbps half duplex 10BASE T FULL 10 Mbps full duplex 100TX HALF 100Mbps half duplex 100TX FULL 100Mbps full duplex 1000T FULL 1000 Mbps full duplex UNKNOWN The p...

Page 141: ...lows multiple channels of simultaneous print scan and status communication Bidirectional Two way printer communication sending print data to the printing device and returning status information from the printing device Unidirectional One way communication to the printing device Device not found The connection of a printing device has not been detected Check device and cable Device not supported Th...

Page 142: ...ample 2002 10 02 12 45 UTC Not Applicable Displayed if a digital certificate has not been installed SNMP Versions Specifies the SNMP versions enabled on the print server Disabled All SNMP versions are disabled on the print server No SNMP access is allowed 1 2 SNMP v 1 and SNMP v 2c are supported and SNMP v 3 is disabled or not supported 1 2 3 na np SNMP v 1 v 2c and v 3 are enabled v 3 is enabled ...

Page 143: ...her nodes UNICAST PACKETS RECEIVED Number of frames specifically addressed to this HP Jetdirect print server This does not include broadcasts or multicasts BAD PACKETS RECEIVED Total number of frames packets received with errors by the HP Jetdirect print server FRAMING ERRORS RECEIVED Maximum of CRC Cyclic Redundancy Check errors and framing errors CRC errors are frames received with CRC errors Fr...

Page 144: ... com because the host printer name is not included Not Specified Indicates that a domain name has not been configured on the print server PRIMARY DNS SERVER The IPv4 address of the Domain Name System DNS server Not Specified Indicates that a primary DNS server has not been configured on the print server SECONDARY DNS SERVER The IPv4 address of the Domain Name System DNS server Not Specified Indica...

Page 145: ... 0 is displayed If not provided the IP address of the Jetdirect print server is used Not Specified Indicates that a default gateway is not configured CONFIG BY Identifies how the HP Jetdirect print server obtained its IPv4 configuration BOOTP Automatic configuration through a BOOTP server BOOTP TFTP Automaticautomatic configuration through a BOOTP server and TFTP configuration file DHCP Automatic ...

Page 146: ...ess IPv6 Section The following table includes items displayed under the IPv6 section of the configuration page Table 8 8 IPv6 Section Message Description STATUS Current TCP IPv6 status READY Indicates the HP Jetdirect print server is awaiting data over TCP IP DISABLED Indicates that TCP IP was manually disabled INITIALIZING Indicates that the print server is searching for the BOOTP server or tryin...

Page 147: ...ed and discarded EN_8022 Limits the frame type to IPX over IEEE 802 2 with IEEE 802 3 frames All others will be counted and discarded EN_SNAP Limits the frame type to IPX over SNAP with IEEE 802 3 frames All others will be counted and discarded NETWORK FRAME TYPE RCVD The first column Network indicates the network number associated with a protocol frame type used for communication between a server...

Page 148: ...l Directory Services NDS tree for this printer NDS is a database of objects on a NetWare network organized in a hierarchical tree structure Not Specified or blank NDS is disabled NDS CONTEXT Displays the fully qualified NDS name where the HP Jetdirect print server object resides in the NDS tree For example CN lj_pserver OU support OU mycity OU mycompany Not Specified or blank NDS is disabled ATTAC...

Page 149: ...e HP Jetdirect print server is currently operating NODE NUMBER Identifies the AppleTalk Node Number that the print server chose for itself as part of its initialization sequence NOTE The AppleTalk phase 2 P2 parameter is pre configured on the HP Jetdirect print server DLC LLC Protocol Information Information in this section of the Jetdirect configuration page is described in Table 8 12 DLC LLC Con...

Page 150: ...the network connections If the connections are intact run the power on self test turn the print server off then on again If the error persists replace the HP Jetdirect print server 0C LAN ERROR RECEIVER OFF There may be a problem with your network cabling or the HP Jetdirect print server Check the cabling and connectors on your Ethernet network If you cannot find a problem with your network cablin...

Page 151: ...none of the file servers are connected 19 NO QUEUE ASSIGNED The HP Jetdirect print server detected that the print server object has not been assigned any queues to service Assign queues to the print server object using printer installation or NetWare utilities NOTE When multiple file servers are configured the error is only displayed on the configuration page if none of the file servers were succe...

Page 152: ...ere successfully connected 23 UNABLE TO ATTACH TO QUEUE A failure was detected when the HP Jetdirect print server tried to attach to one of the queues assigned to the print server object This may be because no servers are allowed to attach to this queue There may also be a networking or security problem Use PCONSOLE to make sure that servers are allowed to attach to the queue to delete the print s...

Page 153: ...e list of notification objects assigned to the printer object cannot be located 33 NDS PRINT OBJ QUEUE LIST ERR The list of print queues assigned to the printer objects cannot be located 34 NDS ERR UNRESOLVD PRNTR OBJ The printer object cannot be located in the NDS directory 35 NDS ERR INVALID SRVR VERS The current version of the NetWare file server is not supported 36 NDS ERR NO PRINTER OBJECTS N...

Page 154: ... node Check your TFTP configuration file 48 CF ERR FILE INCOMPLETE The TFTP configuration file contained an incomplete last line that did not end in a newline character 49 CF ERR LINE TOO LONG A line being processed in the TFTP configuration file was longer than the HP Jetdirect print server could accept 4A CF ERR UNKNOWN KEYWORD A TFTP configuration file line contained an unknown keyword 4B CF ER...

Page 155: ...rint server 5C DHCP BAD REPLY A bad reply was received from the DHCP server Check your DHCP server settings for this print server 5D DHCP LEASE DURATION TOO SHORT The DHCP lease times for this print server s TCP IP configuration settings are too short Re configure the DHCP lease times on the DHCP server 5E DHCP LEASE RELEASED The lease for DHCP configured parameters including the IP address have b...

Page 156: ...ver the network F4 BOOTP DHCP IN PROGRESS The print server is attempting to use BootP or DHCP to obtain TCP IP configuration settings over the network HP Jetdirect Security Page If the HP Jetdirect print server supports IPsec an enhanced Security page can be printed from the Jetdirect menu accessed through the printer control panel A typical Security page is illustrated below To print the HP Jetdi...

Page 157: ...ge Description 802 1X Identifies whether the print server has been configured with EAP 802 1X client authentication settings EAP TLS 802 1X EAP TLS has been configured EAP PEAP 802 1X EAP PEAP has been configured Specified An 802 1X authentication protocol other than EAP TLS EAP PEAP has been configured Not Specified 802 1X authentication has not been configured IPsec Provides the print server s c...

Page 158: ...np SNMP v 1 v 2c and v 3 are enabled v 3 is enabled with the minimum security of authentication enabled a but no privacy np 1 2 3 a p SNMP v 1 v 2c and v 3 are enabled v 3 is enabled with the minimum security of authentication a with privacy p enabled 3 na np SNMP v 1 and v 2c are disabled SNMP v 3 is enabled with the minimum security of no authentication na and no privacy np 3 a np SNMP v 1 and v...

Page 159: ...s Displays the number of fragmented packets that could not be reassembled ESP MAC Errors Displays the number of Encapsulating Security Payload ESP Message Authentication Code MAC errors MAC is used to verify packet integrity that is the message received is the same as the one sent AH MAC Errors Displays the number of Authentication Header AH Message Authentication Code MAC errors MAC is used to ve...

Page 160: ... print server The IPsec Policy consists of rules that control the security of the traffic received and transmitted by the print server Rules are configured using an IPsec configuration wizard accessed through the print server s embedded Web server Up to ten rules can be configured The heading of this section will indicate the default rule for IPsec traffic Def Pass or Drop Pass The default IPsec r...

Page 161: ...ote port is one associated with a remote client application while a local port identifies a service and port number on the HP Jetdirect print server In addition a port may be identified as secure or not secure depending on the IPsec policy configuration For example for LPD printing enabled with an IPsec rule a local TCP secure port 515 would be listed Port 515 is a well known port for LPD services...

Page 162: ...152 Chapter 8 HP Jetdirect Configuration Pages ENWW ...

Page 163: ...stems using LPD Configuring print queues using the SAM utility HP UX systems LPD on Windows 2000 Server 2003 Systems on page 159 LPD on Windows XP Systems on page 161 NOTE For other systems not listed refer to your operating system documentation and online help Recent versions of Novell NetWare NetWare 5 x with NDPS 2 1 or greater support LPD printing For setup instructions and support refer to th...

Page 164: ... protocol include the following Table A 1 LPD Programs and Protocols Program Name Purpose of Program lpr Queues jobs for printing lpq Displays print queues lprm Removes jobs from print queues lpc Controls print queues lpd Scans and prints the files if the specified printer is connected to the system If the specified printer is connected to another system this process forwards the files to an lpd p...

Page 165: ...ed files The queue names text and raw in the following examples see rp tag have special meanings Table A 2 Supported Queue Names raw raw1 raw2 raw3 no processing text text1 text2 text3 carriage return added auto auto1 auto2 auto3 automatic binps binps1 binps2 binps3 binary PostScript user defined Full featured print servers only Queues are defined by the user may optionally include command strings...

Page 166: ...ename sd usr spool lpd printer_name where short_printer_name identifies the printer to the user node_name identifies the printer on the network and remote_printer_name_argument is the print queue designation such as text raw binps auto or user defined For more information on printcap see the printcap man page Example Printcap Entries for ASCII or Text Printers lj1_text text1 lp rm laserjet1 rp tex...

Page 167: ...t lj1_raw chgrp daemon lj1_text lj1_raw chmod g w lj1_text lj1_raw Configuring Print Queues Using SAM HP UX systems On HP UX systems you can use the SAM utility to configure remote print queues for printing text ASCII files or raw PCL PostScript or other printer language files Before you execute the SAM program select an IP address for the HP Jetdirect print server and set up an entry for it in th...

Page 168: ...on when you set up your print queues Printing a Test File To verify that the printer and print server connections are correct print a test file 1 At the UNIX system prompt type lpr Pprinter_name file_name where printer_name is the designated printer and file_name refers to the file to be printed Examples for BSD based systems Text File lpr Ptext1 textfile PCL File lpr Praw1 pclfile pcl PostScript ...

Page 169: ...rnet Protocol TCP IP is listed and enabled in the list of components used by this connection the necessary software is already installed Proceed to Configuring a Network Printer for Windows 2000 Server 2003 Systems on page 160 If not go to step 2 2 If you have not previously installed the software Windows 2000 Server 2003 In the Local Area Connection Properties window click Install In the Select N...

Page 170: ...ate a new port and select LPR Port Click Next 6 In the Add LPR compatible printer window a Enter the DNS name or IP address of the HP Jetdirect print server NOTE Some client applications may not support the direct entry of an IPv6 address However support through the use of name resolution may be available provided the appropriate IPv6 records are configured in DNS If name resolution is supported y...

Page 171: ...ename is the name raw or text and filename is the file you wish to print If the file prints correctly the configuration was successful If the file does not print or prints incorrectly see Troubleshooting the HP Jetdirect Print Server on page 117 Printing from Windows Clients If the LPD printer on the Windows server is shared Windows clients can connect to the printer on the Windows server using th...

Page 172: ...ver support through the use of name resolution may be available provided the appropriate IPv6 records are configured in DNS If name resolution is supported you can enter the print server s host name or a fully qualified domain name FQDN on these applications b Type in lowercase the name of the print queue for the HP Jetdirect print server for example raw text auto or binps c Click OK 6 Select the ...

Page 173: ... use of name resolution may be available provided the appropriate IPv6 records are configured in DNS If name resolution is supported you can enter the print server s host name or a fully qualified domain name FQDN on these applications 6 In the dialog box labeled Name of printer or print queue on that server in lowercase type the name of the print queue for the HP Jetdirect print server for exampl...

Page 174: ...164 Appendix A LPD Printing ENWW ...

Page 175: ...nt files to the printer but does not interpret them For proper printing print files must be in a language recognized by the printer such as PostScript PCL or unformatted text For formatted print jobs you must first print to a file from your application using the driver for the selected printer then transfer the print file to the printer through an FTP session For formatted print files use binary i...

Page 176: ...t commands Although the ls and dir commands are always accepted the HP Jetdirect FTP server supports a single data connection for printing at a time The transmission mode for an FTP data connection with the HP Jetdirect print server is always in stream mode which marks the end of file by closing the data connection Once a data connection is established the file transfer type ASCII or binary can be...

Page 177: ...rint servers only port1 is available cd specifies the root directory of the HP Jetdirect FTP server quit quit or bye terminates the FTP session with the HP Jetdirect print server bye dir dir or ls displays the contents of the current directory If this command is typed in the root directory a list of available ports for printing is displayed For supported HP Jetdirect print servers only port1 is av...

Page 178: ...d to a desired port and use put filename Ready to print to PORT1 230 User logged in ftp pwd 257 is current directory default port is PORT1 HP Color LaserJet 4500 ftp cd port1 250 Changed directory to PORT1 ftp pwd 257 PORT1 is current directory HP Color LaserJet 4500 ftp bin 200 Type set to I Using binary mode to transfer files ftp put d atlas temp ftp_test ps 200 PORT command successful 150 Openi...

Page 179: ... can be accessed from the printer s control panel The keystrokes to access this menu from the printer control panel depend on the printer Refer to your printer User guide or print a control panel menu map for more information The Jetdirect menus available depend on the type of control panel Graphical or Classic ENWW 169 ...

Page 180: ...ntify the device This name is listed on the HP Jetdirect configuration page The default host name is NPIxxxxxx where xxxxxx is the last six digits of the LAN hardware MAC address NOTE Names such as host names must begin with a letter and can contain only letters numbers periods for domain names only or hyphens The underline character _ is not allowed IPv4 Settings Config Method Specifies the metho...

Page 181: ...hich an idle TCP print data connection is closed default is 270 seconds 0 disables the timeout Default IP Specify the IP address to default to when the print server is unable to obtain an IP address from the network during a forced TCP IP reconfiguration for example when manually configured to use BootP or DHCP Auto IP A link local IP address 169 254 x x is set Legacy The address 192 0 0 192 is se...

Page 182: ...r Unavailable If a router is not available the print server should attempt to obtain its stateful configuration from a DHCPv6 server Always Whether or not a router is available the print server always attempts to obtain its stateful configuration from a DHCPv6 server Primary DNS Use this item to specify an IPv6 address for a primary DNS server that the print server should use NOTE This item will a...

Page 183: ...server model Frame Type Selects the frame type setting for your network Auto Automatically sets and limits the frame type to the first one detected EN_8023 EN_II EN_8022 and EN_SNAP Frame type selections for Ethernet networks AppleTalk Enable Off Disable the AppleTalk protocol On Enable the AppleTalk protocol NOTE The factory default setting depends on the print server model DLC LLC Enable Off Dis...

Page 184: ...Tests For HP Jetdirect embedded print servers only This menu provides tests to help diagnose network hardware or TCP IP network connection problems Embedded tests help to identify whether a network fault is internal or external to the device Use an embedded test to check hardware and communication paths on the print server After you select and enable a test and set the execution time you must sele...

Page 185: ...TP SNMP and Data Path tests is printed after the tests have completed Execute No default Do not run the selected tests Yes Initiate the selected tests Ping Test This test is used to check network communications This test sends link level packets to a remote network host then waits for an appropriate response Dest Type Specify whether the target device is an IPv4 or IPv6 node Dest IPv4 Type the IPv...

Page 186: ...096 milliseconds for packet transmission and response Ping in Progress Shows whether a ping test is in progress Yes indicates a test in progress and No indicates that a test completed or was not run Refresh When viewing the ping test results this item updates the ping test data with current results Yes Update the data No Maintain the existing data However a refresh automatically occurs when the me...

Page 187: ...plex operation 100TX Auto Limits auto negotiation to a maximum link speed of 100 Mbps on 1000T networks 1000TX Full 1000 Mbps full duplex operation Print Protocols Use this item to print a page that lists the configuration of the following protocols IPX SPX Novell NetWare AppleTalk DLC LLC Table C 1 Jetdirect EIO Menu on Graphical Control Panel continued ENWW Jetdirect Menus for Graphical Control ...

Page 188: ...Identifies whether the protocol stack is enabled or disabled ON The protocol is enabled OFF The protocol is disabled NOTE The factory default setting depends on the print server model For example only TCP IP is enabled on HP Jetdirect 635n print servers CFG TCP IP Selects whether you want to access the TCP IP menu and set TCP IP protocol parameters NO default Bypass the TCP IP menu items YES Acces...

Page 189: ...o obtain its stateful configuration from a DHCPv6 server MANUAL KEEP DISABLE specifies the behavior for a manually configured IPv6 address detected on the print server KEEP default If configured maintain the address in an active state DISABLE If configured maintain the address but in an inactive state Print a Jetdirect configuration page to verify your settings However note that the print server m...

Page 190: ...NK Selects whether you want to manually configure the HP Jetdirect print server s network link NO default Bypass the link configuration menu items YES Access the link configuration menu items The link speed and communication mode of the print server must match the network The available settings depend on the print server model One of the following link configuration settings can be selected CAUTIO...

Page 191: ...ED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT...

Page 192: ...des software developed by the OpenSSL Project for use in the OpenSSL Toolkit http www openssl org THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT AS IS AND ANY EXPRESSED OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT I...

Page 193: ...ludes cryptographic software written by Eric Young eay cryptsoft com The word cryptographic can be left out if the routines from the library being used are not cryptographic related 4 If you include any Windows specific code or a derivative thereof from the apps directory application code you must include an acknowledgement This product includes software written by Tim Hudson tjh cryptsoft com THI...

Page 194: ...184 Appendix D Open Source Licensing Statements ENWW ...

Page 195: ...bedded Web server 72 Telnet configuration 46 TFTP configuration 29 Bonjour embedded Web server 69 93 Telnet 48 TFTP 31 BOOTP embedded Web server 69 Telnet configuration 45 Using 24 BOOTP Server Configuration 25 Identifying 135 BOOTP DHCP IN PROGRESS 145 BOOTP RARP IN PROGRESS 145 Browsers embedded web server 62 HP Web Jetadmin 11 C CA certificate embedded Web server 94 Cert Expires 132 148 Certifi...

Page 196: ...ing Security Payload F Factory defaults resetting Cold reset 118 Security parameters 29 44 86 174 180 TCP IP from Telnet 58 Failsafe 100 Firewall Control panel menu 174 embedded Web server 97 FIRMWARE REVISION 130 Firmware upgrades embedded Web server 80 Obtaining 5 TFTP configuration 35 Flow control 55 FRAME TYPE 137 FRAMING ERRORS RCVD 133 FTP printing Commands 167 Example 168 Exiting 167 Introd...

Page 197: ...0 EXTERNAL LOOPBACK 140 INFINITE DEFERRAL 140 INTERNAL LOOPBACK 140 LOSS OF CARRIER 140 NO LINKBEAT 140 NO SQE 140 RECEIVER OFF 140 RETRY FAULTS 140 TRANSMITTER OFF 140 UNDERFLOW 140 Link configuration Control panel 176 180 embedded Web server 78 Telnet 55 TFTP 35 Locally administered address LAA 55 65 78 130 LPD Line Printer Daemon See LPD printing LPD printing Setup overview 155 TFTP configurati...

Page 198: ... queues 157 SAP Interval 138 Secure Web Configuration page entry 133 embedded Web server 91 Telnet configuration 44 TFTP configuration 28 Security Network settings 173 Printer control panel 59 Security Associations SA lifetime setting 110 Security configuration page 150 Security features 113 Security Parameters Index SPI 111 Service Location Protocol SLP embedded Web server 93 Telnet 48 TFTP confi...

Page 199: ...ges 139 Disable the print server 120 Flow chart 121 U UNICAST PACKETS RCVD 133 UNIX HP UX and Solaris networks LPD printing 153 UNSENDABLE PACKETS 133 Upgrades firmware See Firmware upgrades USB Configuration page 131 embedded Web server 82 Speed setting 56 83 Telnet configuration 56 TFTP configuration 35 User Datagram Protocol UDP Bonjour configuration 77 93 Datagram port control 79 V Validity pe...

Page 200: ...190 Index ENWW ...

Page 201: ......

Page 202: ... 2007 Hewlett Packard Development Company L P www hp com ...

Reviews:

No comments