![background image](http://html.mh-extra.com/html/hp/jetdirect-640n/jetdirect-640n_administrators-manual_163697118.webp)
Default Rule example
The following illustrates the print server behavior depending on whether the default rule is set to
Allow
or
Drop
(default).
IPsec Policy Configuration Example
: IPsec is enabled on the print server with the following rule:
●
All IPv4 Addresses
●
All Jetdirect Print Services
●
A simple IPsec template for these addresses and services is configured.
If the
Default Rule
is set to
Allow
, then:
●
An IP packet that is not IPsec-protected, but with an IPv4 address directed to printing port 9100 is
not
processed
(dropped) because it violates the configured rule.
●
An IP packet that is not IPsec-protected, but with an IPv4 address to a service port other than port 9100 (such as
Telnet), is allowed and processed.
If the
Default Rule
is set to
Drop
, then:
●
An IP packet that is not IPsec-protected, but with an IPv4 address directed to printing port 9100 is
not
processed
(dropped) because it violates the configured rule.
●
An IPsec packet with IPv4 address directed to printing port 9100 is allowed and processed because it matches the rule.
●
A non-IPsec packet with IPv4 address to the Telnet port is dropped because it violates the default rule.
IPsec security associations (SA)
If a packet is IPsec-protected, there must be an IPsec security association (SA) for it. A security
association defines how an IP packet from one host to another is protected. Among many things, it
defines the IPsec protocol to use, the authentication and encryption keys, and duration of key use.
An IPsec SA is unidirectional. A host can have an inbound SA and an outbound SA associated with
particular IP packet protocols and services, and the IPsec protocol used to protect them.
When properly configured, the IPsec rules define the security associations for IP traffic to and from
the HP Jetdirect print server and can ensure all traffic is secure.
HP Jetdirect IPsec/Firewall wizard
Use the IPsec/Firewall wizard to create one or more rules to be applied to IP traffic. Click
Add Rules
to start the IPsec/Firewall wizard.
108 Chapter 5 IPsec/Firewall configuration (V.45.xx.nn.xx)
ENWW
Summary of Contents for Jetdirect 640n
Page 2: ......
Page 3: ...HP Jetdirect Print Servers Administrator s Guide Firmware V 45 xx nn ...
Page 24: ...14 Chapter 2 HP software solutions summary ENWW ...
Page 114: ...104 Chapter 4 HP Embedded Web Server V 45 xx nn xx ENWW ...
Page 148: ...138 Chapter 7 Troubleshoot the HP Jetdirect print server ENWW ...
Page 202: ...192 Appendix C HP Jetdirect control panel menus V 45 xx nn xx ENWW ...
Page 220: ...210 Appendix D Open source licensing statements ENWW ...
Page 226: ...216 Index ENWW ...
Page 227: ......
Page 228: ... 2012 Hewlett Packard Development Company L P www hp com ...