manualshive.com logo in svg

SEH ThinPrint TPG120, User Manual, Page: 70 / 120

Share
Download
SEH ThinPrint TPG120 User Manual Download Page 70

Network Authentication

TPG User Manual

70

7.3

How to Configure EAP-TTLS

Benefits and

Purpose

EAP-TTLS (Tunneled Transport Layer Security) validates the identity
of devices or users before they gain access to network resources. You
can configure the TPG for the EAP-TTLS network authentication.
This makes sure that the TPG gets access to protected networks.

Basic Functions

EAP-TTLS consists of two phases:

 •  During phase 1, a TLS-encrypted channel between the TPG and 

the RADIUS server will be established. Only the RADIUS server 
authenticates itself using a certificate that was signed by a CA. 
This process is also referred to as ’outer authentication’.

 •  In phase 2, an additional authentication method is used for the 

communication within the TLS channel. EAP-defined methods and 
older methods (CHAP, PAP, MS-CHAP und MS-CHAPv2) are 
supported. This process is also referred to as ’inner authentication’. 

The advantage of this procedure is that only the RADIUS server
needs a certificate. Therefore no PKI is needed. Moreover, TTLS sup-
ports most authentication protocols. 

To make the connection more secure, you can install the root certi-
ficate of the RADIUS server on the TPG (Phase 1). The TPG validates the
identity of the RADIUS server by means of the certificate.

Requirements

;

The TPG is defined as user (with user name and password) on a 
RADIUS server.

What do you want

to do?

†

’Enabling EAP-TTLS via the TPG Homepage’ 

Ö

70

†

’Enabling EAP-TTLS via the InterCon-NetTool’ 

Ö

71

Enabling EAP-TTLS via the TPG Homepage

Proceed as follows:

1. Start the TPG Homepage.

Summary of Contents for ThinPrint TPG120

Page 1: ...ThinPrint Gateway TPG60 TPG120 User Manual ...

Page 2: ...com sales InterCon is a registered trademark of SEH Computertechnik GmbH SEH Computertechnik GmbH has endeavoured to ensure that the information in all manuals is correct If you detect any inaccuracies please inform us at the address indicated below SEH Computertechnik GmbH will not accept any liability for any error or omission The information in this manual is subject to change without notificat...

Page 3: ...o get Printer Status Messages 31 3 3 How to Get Status Information on the Printer Connections 33 3 4 How to Display the Job History 35 3 5 How to Print a Status or Service Page 37 4 Network and Device Settings 41 4 1 How to Configure TCP IP Parameters 42 4 2 How to Configure the DNS 44 4 3 How to Enable Disable Bonjour 45 4 4 How to Adapt the Network Speed 47 4 5 How to Configure the Device Time 4...

Page 4: ...FAST 74 8 Certificate Management 76 8 1 How to Create a Self Signed Certificate 77 8 2 How to Create a Certificate Request for CA Certificates 79 8 3 How to Save CA Certificates in the TPG 81 8 4 How to Save PKCS12 Certificates in the TPG 82 8 5 How to Save Root Certificates in the TPG 83 8 6 How to Delete Certificates 84 8 7 How to Install Certificates on a Windows Client 86 9 Maintenance 88 9 1 ...

Page 5: ... Documentation Ö 8 Support and Service Ö 10 Your Safety Ö 11 First Steps Ö 12 Saving the IP Address in the TPG Ö 13 This chapter contains information concerning the device and the documentation as well as notes about your safety You will learn how to benefit from your TPG and how to operate the device properly ...

Page 6: ...he server sends the compressed print data to a device with the implemented print Client This client then decompresses the print data transferring it to any printer Purpose The TPG ThinPrint Gateway contains a completely integrated Thin Print print client This ThinPrint print client allows you to receive and decompress print data The ThinPrint print gateways TPG60 an TPG120 were especially deve lop...

Page 7: ...d behind a firewall for example This allows the connection via masked networks as well as the assignment of the relevant print job to the respective end device ThinPrint SSL encryption safely protects print data during their transmission in the network ThinPrint print Clients or Gateways decrypt the data before printing System Requirements The TPG has been designed for the use in TCP IP based netw...

Page 8: ...ciated information units If you want to print this documentation we recommend using the printer setting Duplex or Booklet Terminology Used in this Document The explanation of technical terms used in this document is summa rized in a glossary see Ö 104 The glossary provides an overview of technical matters and background information that are necessary for a proper installation and configuration Use...

Page 9: ... beginning of instructions Individual instructions are set in italics ª Confirmation The arrow confirms the consequence of an action Requirements Hooks mark requirements that must be met before you can begin the action Option A square marks procedures and options that you can choose Eye catchers mark lists This sign indicates the summary of a chapter Ö The arrow marks a reference to a page within ...

Page 10: ...ort and user training sessions Current Services The following services can be found on the SEH website at www seh de current update files current tools current documentation current product information product data sheet FAQ and much more Monday through Thursday Friday from 8 00 a m to 5 45 p m and from 8 00 a m to 4 15 p m CET 49 0 521 94226 44 support seh de ...

Page 11: ...G allows communication between up to six twelve network printers and one ThinPrint ser ver The TPG has been designed for use in office environments Improper Use All uses of the device that do not comply with the TPG functionali ties described in the documentation are regarded as improper uses It is not allowed to make modifications to the hardware and soft ware or to try to repair the device Safet...

Page 12: ...nnect the TPG to the network and the mains supply Quick Installation Guide 2 Make sure that an IP address is stored in the TPG see Saving the IP Address in the TPG Ö 13 3 Define the ThinPrint port and other ThinPrint settings see Ö 52 4 Define the printers to which the TPG will send print jobs see How to Integrate Printers Ö 54 ª The TPG is operational ...

Page 13: ...elivery the boot protocols BOOTP and DHCP are enabled Once the TPG is connected to the network it checks whether an IP address can be obtained from the boot protocols BOOTP or DHCP If this is not the case the TPG assigns itself an IP address via ZeroConf from the address range 169 254 0 0 16 which is reserved for Zero Conf Once the TPG has automatically received an IP address via a boot protocol y...

Page 14: ... TPG later on BOOTP The TPG supports BOOTP which means that the IP address of the TPG can be assigned via a BOOTP server Requirements The BOOTP parameter has been activated see Ö 42 If the TPG is connected it asks the BOOTP host for the IP address and the host name The BOOTP host answers and sends a data packet containing the IP address The IP address is saved in the TPG DHCP The TPG supports DHCP...

Page 15: ... means of the arp and ping commands The arp command is used for editing the ARP table The ping com mand transfers a data packet containing the IP address to the hard ware address of the TPG If the data packet has been successfully sent and received the TPG permanently saves the IP address The implementation of the arp and ping command depends on the system used Read the documentation for your oper...

Page 16: ...stalled on the client see Ö 19 By means of the InterCon NetTool you can scan the network via Multicast The router in the network forwards multicast requests Proceed as follows 1 Start the InterCon NetTool 2 Mark the TPG in the device list The TPG is displayed in the device list under ZeroConf with an IP address from the address range 169 254 0 0 16 which is reserved for ZeroConf 3 Select Installat...

Page 17: ...all features for the administration of the TPG The TPG Homepage is stored in your TPG and can be started by means of an internet browser Internet Explorer Netscape Firefox Safari Requirements The TPG is connected to the network and the mains voltage The TPG has a valid IP address Starting the TPG Homepage Proceed as follows 1 Open your browser 2 Enter the IP address of the TPG as the URL ª The TPG...

Page 18: ...orre sponding page with its content is displayed You can set the language of the TPG Homepage via General Home Simply select the relevant flag You will also see contact information of the manufacturer Clicking the General Manuals link brings you to the SEH web site Here you can download the latest manuals as pdf files All other menu items are intended for the configuration of the TPG and are descr...

Page 19: ...ol is started the network will be scanned for connected network devices The network range to be scanned is freely definable All network devices found will be displayed in the device list You can modify the device list and adopt it to your individual needs You can mark and configure the devices in the device list Installation and Program Start In order to use the InterCon NetTool the program must b...

Page 20: ...ved in the NetTool ini file The file is stored in the directory Documents and Settings with the relevant user name Only for multi user operating systems MAC OS X The installation file is available as dmg for MAC systems Proceed as follows 1 Open the InterCon NetTool installation file The content of the file will appear on the screen 2 Start the pkg file 3 Follow the installation routine ª The Inte...

Page 21: ...iles depends on the distribution tgz files can be extracted directly without the Package Manager in the root directory deb files can be extracted using the Debian Package Manager Installation of the rpm Software Packet Proceed as follows 1 Log on to your system as root 2 Enter the following command via the console Syntax root rpm i complete packet name Example root rpm i InterCon NetTool 1_8 28 i3...

Page 22: ...g_wt_pt qm Before you start the InterCon NetTool make sure that the qm lan guage files the license file license txt and the tcpmon ini file are in the usr local lib nettool directory Proceed as follows 1 Enter the following command via the console Syntax user complete path name and program name Example user usr local bin nettool ª The InterCon NetTool is started If the path usr local bin is part o...

Page 23: ...g on which elements you have chosen to be shown or hidden Fig 3 InterCon NetTool Main Dialog The functions of the program elements will be described in the fol lowing Detailed information on how to use the InterCon NetTool can be found in the Online Help To start the Online Help select Help Online Help from the menu bar Toolbar Menu bar Filter for the device list Device list Log window ...

Page 24: ... Properties This opens the Properties dialog Change password This opens the Change password dialog Installation This starts a Wizard A wizard helps you to configure certain parameters Restart This opens the Restart dialog Default settings This opens the Load default settings dialog Print status page This opens the Print status page dialog Firmware Update This opens the Firmware Update dialog Refre...

Page 25: ...r You can select various filters in the left hand section of the main dialog Filters determine which network devices are shown in the device list The filters can be created and configured via the Filter menu You can modify the status of the device list by adding network devices creating a new list or refreshing the list Select the relevant command in the Search menu By activating an automatic refr...

Page 26: ...y possible if the routers in the network can handle multicast requests In networks without multicast support you can search for network devices within defined IP ranges To define the search parameters select Extras Settings from the menu bar category Search Options Logging Functions Logging means that actions carried out by the user or the Inter Con NetTool will be registered automatically and sav...

Page 27: ...vice list to start the dialog Configuration via Wizards Wizards facilitate the installation and configuration of network devices Wizards are subprograms aimed at querying required para meter values The IP wizard is available for the TPG The IP Wizard helps you to configure the TCP IP parameters e g the IP address To start the Wizard select Installation IP Wizard from the menu bar Configuration via...

Page 28: ... done via the SSL or TLS authentication We recommend using SSL This way no unencrypted user names passwords and data can be read by unauthorized persons In order to use FTPS you must install an FTP client on your computer that supports FTPS The following functionalities are supported Configuring Parameters via an FTP Connection Ö 29 Printing the Status Page via an FTP Connection Ö 39 Printing the ...

Page 29: ...either the TPG password or press ENTER if no password has been assigned 5 Transfer the parameters file from the TPG to your local computer get parameters 6 Edit the file using any text editor see Parameter List Ö 107 7 Send the file back to the TPG put parameters 8 Close the FTP connection quit ª The TPG will be configured using the new values 2 4 Administration via the TPG Status Button At the fr...

Page 30: ...tatus or Service Page Ö 37 3 1 How to Display TPG Status Information You can display status information such as the name of the TPG the hardware address serial and version numbers etc What do you want to do Displaying Status Information via the TPG Homepage Ö 30 Displaying Status Information via the InterCon NetTool Ö 31 Displaying Status Information via the TPG Homepage Proceed as follows 1 Start...

Page 31: ...rinter status messages idle printing warming up etc In order to get printer messages you must configure an SNMP query What do you want to do Configuring an SNMP Query via the TPG Homepage Ö 31 Configuring an SNMP Query via the InterCon NetTool Ö 32 Displaying Printer Messages via the TPG Homepage Ö 32 Displaying Printer Messages via the InterCon NetTool Ö 32 Configuring an SNMP Query via the TPG H...

Page 32: ...epage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration ThinPrint ª The printer messages are displayed under Status and are assigned to the printer IDs Displaying Printer Messages via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Double click the TPG in the device list The Properties dialog appears 3 Select Configuration ThinPrint from the navigation bar ª...

Page 33: ...he TPG Homepage Ö 34 Displaying the Printer Connection Status via the InterCon NetTool Ö 34 Configuring a ping Query via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration ThinPrint 3 Tick Monitoring via ping 4 Enter the interval in seconds into the Monitoring interval box 5 Click Save to confirm ª The settings are saved Connection Status Description Time out No co...

Page 34: ...settings are saved Displaying the Printer Connection Status via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration ThinPrint ª The printer connection status is displayed under Status and is assigned to the printer IDs Displaying the Printer Connection Status via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Double click the TPG in the devic...

Page 35: ...he print jobs will not be deleted when the TPG is restarted What do you want to do Displaying the Job History via the TPG Homepage Ö 35 Displaying the Job History via the InterCon NetTool Ö 35 Displaying the Job History via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Status Job History ª The Job History is displayed Displaying the Job History via the InterCon NetTool Proc...

Page 36: ... has been stopped This can occur if for example the printer ran out of paper If the printer error is fixed data transfer will be resumed Aborted means that the print job has been aborted This can occur if for example the TPG has been restarted while the print job was processed Protocol Protocol used to transfer the print data Name Name of the print job Sender IP address of the sending host Size Si...

Page 37: ...rinted you need to specify the printer and the data format of the status page ASCII PostScript DATAMAX or Citizen Z The default setting is the printer with the ID 1 What do you want to do Specifying the Data Format and the Printer via the TPG Homepage Ö 38 Specifying the Data Format and the Printer via the InterCon NetTool Ö 38 Printing the Status Page via the InterCon NetTool Ö 38 Printing the St...

Page 38: ...l Proceed as follows 1 Start the InterCon NetTool 2 Double click the TPG in the device list The Properties dialog appears 3 Select Configuration General from the navigation bar 4 Select the desired data format from the Status page mode list 5 Select Configuration ThinPrint from the navigation bar 6 Tick Status Page Printer for the desired printer 7 Click OK to confirm ª The settings are saved Prin...

Page 39: ...you wish to save the file 2 Open an FTP connection to the TPG Syntax ftp IP Address Example ftp 192 168 0 123 3 Enter an arbitrary user name 4 Enter either the TPG password or press ENTER if no password has been assigned 5 Transfer the status page from the TPG to your local computer get statuspage 6 Close the FTP connection quit 7 Open and print the file using a text editor ª The status page will ...

Page 40: ...he status page is printed Printing the Service Page via an FTP Connection Using an FTP connection you can download a service page to your local computer and print it Proceed as follows 1 Switch to the directory in which you wish to save the file 2 Open an FTP connection to the TPG Syntax ftp IP Address Example ftp 192 168 0 123 3 Enter an arbitrary user name 4 Enter either the TPG password or pres...

Page 41: ...Bonjour Ö 45 How to Adapt the Network Speed Ö 47 How to Configure the Device Time Ö 48 How to Configure the Language of the Device Ö 49 How to Determine a Description Ö 51 You can configure the device time and the device lan guage on the TPG You can define various parameters for an ideal integration of your TPG into a network This chapter explains which network settings are supported by the TPG ...

Page 42: ... The boot protocols BOOTP DHCP and ZeroConf belong to the TCP IP protocol family You can define various parameters for an ideal integration of your TPG into a TCP IP network What do you want to do Configuring TCP IP Parameters via the TPG Homepage Ö 42 Configuring TCP IP Parameters via the InterCon NetTool Ö 42 Configuring TCP IP Parameters via the TPG Homepage Proceed as follows 1 Start the TPG H...

Page 43: ...y as gateway address If disabled the gateway address has to be entered manually Host name Host name of the TPG Contact person Freely definable description Location Freely definable description DHCP BOOTP ARP PING ZeroConf Enables or disables the protocols DHCP BOOTP ARP PING and ZeroConf Protocols offer various possibilities to save the IP address in the TPG See Ö 13 We recommend to disable these ...

Page 44: ...e server for example What do you want to do Configuring DNS via the TPG Homepage Ö 44 Configuring DNS via the InterCon NetTool Ö 44 Configuring DNS via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration DNS 3 Configure the DNS parameters see Table 4 Ö 45 4 Click Save to confirm ª The settings are saved Configuring DNS via the InterCon NetTool Proceed as follows 1 S...

Page 45: ...er query with a different IP address If the IP address is available it is saved in the TPG The domain name service is used for additional Bonjour features Since there is no central DNS server in Bonjour networks each device and application has its own small DNS server This integrated DNS server mDNS collects and administers the information of all participants in the net In addition to the features...

Page 46: ...ows 1 Start the TPG Homepage 2 Select Configuration TCP IP 3 Tick clear Bonjour 4 Click Save to confirm ª The settings are saved Configuring Bonjour via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Double click the TPG in the device list The Properties dialog appears 3 Select Configuration TCP IP from the navigation bar 4 Tick clear Bonjour 5 Click OK to confirm ª The set...

Page 47: ...uplex What do you want to do Adapting the Speed via the TPG Homepage Ö 47 Adapting the Speed via the InterCon NetTool Ö 47 Adapting the Speed via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration General 3 Select the desired setting from the Ethernet settings list 4 Click Save to confirm ª The setting is saved Adapting the Speed via the InterCon NetTool Proceed as...

Page 48: ...eceived by the time server does not necessarily correspond to your local time zone Deviations from your location and the resul ting time difference including country specific particularities such as Daylight Saving Time can be handled by means of the Time zone parameter Requirements A time server is integrated into the network What do you want to do Configuring the Device Time via the TPG Homepage...

Page 49: ...e code for your local time zone from the Time zone list 7 Click OK to confirm ª The settings are saved 4 6 How to Configure the Language of the Device You can define the language of the device The language of the device is displayed on the TPG Homepage and in the status informa tion e g the status page The TPG supports the following langua ges What do you want to do Configuring the Language of the...

Page 50: ...k Save to confirm ª The settings are saved Restart the TPG Homepage for the new settings to take effect Configuring the Language of the Device via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Double click the TPG in the device list The Properties dialog appears 3 Select Configuration General from the navigation bar 4 Select the desired language from the TPG language list ...

Page 51: ...scriptions via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration General 3 Enter freely definable names for Description Dealer and Dealer URL 4 Click Save to confirm ª The data is saved Determining Descriptions via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Double click the TPG in the device list The Properties dialog appears 3 Select C...

Page 52: ...Print server Port 4000 is preset You can change the port number if necessary What do you want to do Defining the ThinPrint Port via the TPG Homepage Ö 52 Defining the ThinPrint Port via the InterCon NetTool Ö 53 Defining the ThinPrint Port via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration ThinPrint 3 Enter the port number into the ThinPrint port box 4 Click Sa...

Page 53: ...icated in bit second bit s The bandwidth that is needed for print jobs can be limited to a fre ely definable value for each ThinPrint port server side You can further decrease the bandwidth limit on the port of the TPG client side Defining a bandwith value on the TPG which is higher than the defi ned value server side will have no effect In this case the pre defi ned value will be applied What do ...

Page 54: ... the printers The print jobs are assigned via a printer ID Up to six TPG60 or twelve TPG120 network printers can be connected to the TPG When integrating the connected printers you must define the prin ter parameters name driver remote address and a transfer method Transfer method Data transfer between the TPG and the printers can be done in two ways Usually data is transferred to the TCP IP port ...

Page 55: ...rk the option in front of the field with the TCP IP port number To choose an LPD connection mark the option in front of the field with the LPD queue name 5 Click Save to confirm ª The settings are saved Integrating Printers via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Double click the TPG in the device list The Properties dialog appears 3 Select Configuration ThinPrin...

Page 56: ...identified by its printer ID Printer The printer name is a description and is used to distinguish the printers The printer can only use the print AutoConnect feature if a printer name was defined Class Printers with compatible drivers can be arranged in one class You can also define a printer class if you want to use the print AutoConnect feature Driver Printer driver for the embedded printers Rem...

Page 57: ...ia TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration ThinPrint 3 In the Printer open timeout and Job send timeout fields enter the periods of time in seconds after which the timeouts should take effect 0 seconds off 4 Click Save to confirm ª The settings are saved Defining Timeouts via InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Double click the...

Page 58: ...n Service you must store the client ID and an authentication key in the database of the Connection Service You must also set these two values on the TPG Please note that you need a ThinPrint license for each client ID What do you want to do Configuring the Connection Service via the TPG Homepage Ö 58 Configuring the Connection Service via the InterCon NetTool Ö 58 Configuring the Connection Servic...

Page 59: ...n Connection Service Enables disables the print Connection Service Connection Server IP address of the server on which the Connection Service is installed Port Port number used by the TPG to communicate with the Connection Service default 4001 Client ID Client ID as stored in the database of the Connection Service The client ID is needed by the Connection Service to forward print jobs to the TPG A...

Page 60: ...Ö 62 How to Enable Disable FTP HTTP Port Control Ö 63 How Does the TPG Receive Encrypted Data Ö 65 More secure related topics from other chapters Administer the TPG via FTPS Connections Ö 28 Authenticate the TPG in the Network Ö 66 Authenticate the TPG Client if the administrative access to the TPG Homepage via SSL HTTPs is protected Ö 86 A number of security mechanisms are available to ensure opt...

Page 61: ...a password must be entered when starting the TPG Homepage or when opening the Properties dialog What do you want to do Defining the Password via the TPG Homepage Ö 61 Defining the Password via the InterCon NetTool Ö 61 Defining the Password via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration Protection 3 Enter a password into the Password box in order to define ...

Page 62: ...nter the IP addresses or host names of the clients into the IP sender box The TPG will only accept data packets from the specified clients Up to eight IP senders can be spe cified The use of wildcards allows you to define subnetworks Once an IP sender has been defined all undefined clients lose their access rights What do you want to do Assigning Authorizations via the TPG Homepage Ö 62 Assigning ...

Page 63: ... The TPG cannot be attacked directly by viruses Attacks to open ports can have a certain influence on the TPG and affect its func tions Protecting the TPG against Attacks To prevent attacks to these ports you can disable the protocols FTP FTPS or HTTP on the TPG If you have disabled FTP FTPS all functions based on these protocols are no longer available see Administration via an FTP FTPS Connectio...

Page 64: ...bling a Protocol via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration Protection 3 Tick Clear HTTP or FTP 4 Click Save to confirm ª The setting is saved EnablingDisabling a Protocol via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Double click the TPG in the device list The Properties dialog appears 3 Select Configuration Protection from...

Page 65: ... certificate the ThinPrint server checks whether the TPG is authorized to receive the print data If an encryption was enabled on the ThinPrint server you must install a certificate from a corresponding Certification Authority both on the ThinPrint server and the TPG To authorize the TPG to receive encrypted print data proceed as follows Create a certificate request see How to Create a Certificate ...

Page 66: ...thentication server RADIUS First you must define the authentication procedure TLS PEAP TTLS etc to be used and configure it on all network devices involved What is RADIUS RADIUS Remote Authentication Dial In User Service is an authen tication and account management system that validates user login information and grants access to the desired resources What information do you need The TPG supports ...

Page 67: ...D5 must then be enabled on the TPG and the user name and password need to be entered Requirements The TPG is defined as user with user name and password on a RADIUS server What do you want to do Enabling EAP MD5 via the TPG Homepage Ö 67 Enabling EAP MD5 via the InterCon NetTool Ö 67 Enabling EAP MD5 via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration Protection...

Page 68: ... 7 2 How to Configure EAP TLS Benefits and Purpose EAP TLS Transport Layer Security validates the identity of devices or users before they gain access to network resources You can con figure the TPG for the EAP TLS network authentication This makes sure that the TPG gets access to protected networks Basic Functions EAP TLS describes a certificate based authentication method via a RADIUS server For...

Page 69: ...o reset the TPG parameters see Ö 92 Procedure Create a certificate request on the TPG see Ö 79 Create a CA certificate using the certificate request and the authentication server Install the CA certificate on the TPG see How to Save CA Certificates in the TPG Ö 81 Install the root certificate of the authentication server on the TPG see How to Save Root Certificates in the TPG Ö 83 Enable the authe...

Page 70: ...tional authentication method is used for the communication within the TLS channel EAP defined methods and older methods CHAP PAP MS CHAP und MS CHAPv2 are supported This process is also referred to as inner authentication The advantage of this procedure is that only the RADIUS server needs a certificate Therefore no PKI is needed Moreover TTLS sup ports most authentication protocols To make the co...

Page 71: ... ª The settings are saved Enabling EAP TTLS via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Double click the TPG in the device list The Properties dialog appears 3 Select Configuration Protection from the navigation bar 4 Select the Authentication tab 5 Select EAP TTLS from the Authentication list 6 Enter the user name and the password that are used for the configuration...

Page 72: ... to establish another connection that can be protected by means of additional EAP authentication methods e g MSCHAPv2 The advantage of this procedure is that only the RADIUS server needs a certificate Therefore no PKI is needed PEAP uses the advan tages of TLS and supports various authentication methods including user passwords and one time passwords Requirements The TPG is defined as user with us...

Page 73: ... NetTool 2 Double click the TPG in the device list The Properties dialog appears 3 Select Configuration Protection from the navigation bar 4 Select the Authentication tab 5 Select EAP PEAP from the Authentication list 6 Enter the user name and the password that are used for the configuration of the TPG on the RADIUS server 7 Select the settings intended to secure the communication in the TLS chann...

Page 74: ...nnel PACs are credentials that comprise up to three components A shared secret key that contains the preshared key between the TPG and the RADIUS server An opaque part that is provided to the TPG and presented to the RADIUS server when the TPG wishes to obtain access to network resources Other information that may be useful to the client optional EAP FAST uses two methods to generate PACs The manu...

Page 75: ...on in the channel 7 Click Save to confirm ª The settings are saved Enabling EAP FAST via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Double click the TPG in the device list The Properties dialog appears 3 Select Configuration Protection from the navigation bar 4 Select the Authentication tab 5 Select EAP FAST from the Authentication list 6 Enter the user name and the pas...

Page 76: ...Ps SSL is protected see Ö 86 to administer the TPG via an FTPS connection see Ö 28 If you want to use certificates it is advisable to protect the TPG by a password so that certificates cannot be deleted by unauthorized persons see Ö 61 Which Certificates are available Both self signed certificates and CA certificates can be used in the TPG The following certificates can be distinguished Self signe...

Page 77: ...CS12 Certificates in the TPG Ö 82 How to Save Root Certificates in the TPG Ö 83 How to Delete Certificates Ö 84 How to Install Certificates on a Windows Client Ö 86 8 1 How to Create a Self Signed Certificate When a certificate is created on the TPG for the first time a list of parameters is displayed that are required for the certificate If a self signed certificate or a CA certificate has alread...

Page 78: ... by clicking Next ª The certificate will be created and installed This may take a few minutes Table 7 Parameters for the Creation of Certificates Parameters Description Common name Is used to clearly identify the certificate It is advisable to use the IP address or the host name of the TPG to allow a clear assignment of the certificate to the TPG You can enter a maximum of 64 characters E mail add...

Page 79: ... this case you have to delete the existing certificate first see How to Delete Certificates Ö 84 After the creation of a certificate request no self signed certificate can be created until the CA certificate has been saved in the TPG What do you want to do Creating a Certificate Request via the TPG Homepage Ö 79 Creating a Certificate Request via the InterCon NetTool Ö 80 Creating a Certificate Re...

Page 80: ...ting a Certificate Request via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Mark the TPG in the device list 3 Select Actions Certificate Server certificate from the menu bar The Certificate dialog appears 4 Tick Create certificate request 5 Click Next 6 Enter the relevant parameters see Table 7 Ö 78 7 Click Next The parameters are listed 8 Confirm by clicking Next The cre...

Page 81: ... Select Configuration Certificates 3 Select TPG certificate 4 Click Browse 5 Specify the CA certificate 6 Click Load Certificate ª The CA certificate is saved in the TPG This may take a few minutes Saving CA Certificates via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Mark the TPG in the device list 3 Select Actions Certificate Server certificate from the menu bar The Ce...

Page 82: ...ficates via the TPG Homepage Ö 82 Saving PKCS12 Certificates via the InterCon NetTool Ö 82 Saving PKCS12 Certificates via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration Certificates 3 Select TPG certificate 4 Click Load certificate pkcs12 format 5 Click Browse 6 Specify the CA certificate 7 Enter the password 8 Click Load PKCS12 ª The PKCS12 certificate is save...

Page 83: ...stall the root certificate of the authentication server RADIUS on the TPG see How to Configure EAP TLS Ö 68 The certificate must be in base 64 format What do you want to do Saving Root Certificates via the TPG Homepage Ö 83 Saving Root Certificates via the InterCon NetTool Ö 84 Saving Root Certificates via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Configuration Certific...

Page 84: ... 8 6 How to Delete Certificates If a self signed certificate or a CA certificate is saved in the TPG the content of this certificate will be displayed under TPG certificate If you want to use a different certificate you must first delete the exi sting certificate What do you want to do Deleting Certificates via the TPG Homepage Ö 84 Deleting Certificates via the InterCon NetTool Ö 85 Deleting Cert...

Page 85: ...ificates via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Mark the TPG in the device list 3 Select Actions Certificate Server certificate from the menu bar The Certificate dialog appears 4 Click Delete ª The certificate is deleted ...

Page 86: ...uring a so called handshake the client asks the SSL server via browser for a CA certificate If a certificate is unknown to the Windows client the certificate is not classed as trusted In this case you will get an error message Install the certificate on the Windows client using a browser in order to make the certificate known to the client Example One method using the Internet Explorer 7 is descri...

Page 87: ...lorer Certificate Error 3 Click View certificates The Certificate dialog appears Fig 8 Internet Explorer Certificate 4 Class the certificate as trusted and click Install Certificate The Certificate Import Wizard is started 5 Follow the instructions of the Wizard ª The certificate is installed on the client and is classed as trusted ...

Page 88: ... 89 How to Reset Parameters to their Default Values Ö 92 How to Perform an Update Ö 96 How to Restart the TPG Ö 102 Various maintenance procedures can be carried out on the TPG This chapter contains information on securing and resetting the parameter values It also explains how to restart and update the device ...

Page 89: ...Client via the InterCon NetTool Ö 89 Editing the Parameters File using a Text Editor Ö 90 Downloading the Parameters File to one or more TPG using the InterCon NetTool Ö 91 Downloading the Parameters File to the TPG using the TPG Homepage Ö 92 Saving the Parameters File to the Client via the InterCon NetTool The parameters file can be copied to any system using the Inter Con NetTool Proceed as fol...

Page 90: ...tor that is provided by the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Mark the TPG in the device list 3 Select Actions Download Parameters File from the menu bar The Parameter Download dialog appears 4 Click Choose The Parameter Download dialog appears 5 Specify the parameters file 6 Click Open 7 Click Edit A text editor with the parametrers file will be opened 8 Edit the ...

Page 91: ...lick Choose The Parameter Download dialog appears see Fig 9 Ö 90 5 Specify the parameters file 6 Click Open 7 Decide on the password option If the TPG displayed in the list are not password protected or protected by different passwords activate Ask for each password If the TPG are protected by the same password activate Use this password and enter the password 8 Click Start download By clicking St...

Page 92: ...to the TPG The TPG parameters will be configured in accordance with the file 9 2 How to Reset Parameters to their Default Values You can reset all TPG parameters to their default values factory default settings All previously configured parameters will be dele ted in this process Installed certificates will not be deleted Since the IP address of the TPG will be reset as well the TPG Homepage canno...

Page 93: ...s via the InterCon NetTool Ö 93 Resetting Parameters via an FTP Connection Ö 94 Resetting Parameters via the TPG Status Button Ö 94 Resetting Parameters via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Actions Default Settings 3 Click Default Settings ª The parameters are reset Resetting Parameters via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 ...

Page 94: ...The reset process comprises three different steps In the first step the TPG is forced into reset mode The parameters are reset in this mode The second step involves restarting the device In the third step a status page is printed The status page can be used to check whether the parameters were successfully reset IMPORTANT The reset mode is signaled by the simultaneous flas hing of the Activity LED...

Page 95: ...it pressed Turn the TPG on Reconnect the power socket Turn the TPG on Reconnect the power socket Wait until the Activity and Status LED start blinking simultaneously The Reset Mode is activate Press the status button for a short time Release the status button for about 2 seconds The LEDs blink alternatingly Press the status button once again and keep it pressed The LEDs blink simultaneously After ...

Page 96: ...an also start the TPG Homepage and select Status General Where Do I Find the Update Files You can download the current software files from the website www seh de Every update file has its own readme file Take note of the informa tion contained in the readme Update Types An update can be carried out manually standard update or auto matically dynamic update In the case of a standard update the updat...

Page 97: ...Dynamic Update via the TPG Homepage Ö 99 Dynamic Update via the InterCon NetTool Ö 100 Dynamic Update via FTP Ö 101 Perform an Update to more than one TPG Ö 101 Standard Update via the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Actions Download Area 3 Select Standard Firmware Update 4 Click Browse 5 Select the update file 6 Click Download ª The update is executed The TPG is ...

Page 98: ... Standard Update via FTP You can update the standard of your TPG via an FTP connection Proceed as follows 1 Change to the directory where the update file is located 2 Open an FTP connection to the TPG Syntax ftp IP address of the TPG Example ftp 192 168 0 123 3 Enter an arbitrary user name 4 Enter either the TPG password or press ENTER if no password has been assigned 5 Switch to binary mode bin ...

Page 99: ... Area 3 Select Dynamic Firmware Update 4 Tick Dynamic Firmware Update 5 Specify the IP address of the file server on which the new software files are to be stored Syntax ftp file server IP address Software file name Example ftp 192 168 0 100 tpg 10 1 3 bin If your system supports name resolution via WINS DHCP or DNS you can enter the name of the file server instead of the IP address of the file se...

Page 100: ...oceed as follows 1 Start the InterCon NetTool 2 Mark the TPG in the device list 3 Select Actions Firmware Update Dynamic Update from the menu bar The Dynamic Updatedialog appears 4 Tick Dynamic Firmware Update 5 Specify the IP address of the file server on which the new software files are to be stored Syntax ftp file server IP address Software file name Example ftp 192 168 0 100 tpg 10 1 3 bin If ...

Page 101: ...n NetTool allows you to carry out an update to more than one TPG Requirements All required software files Updates are located in one directory Proceed as follows 1 Start the InterCon NetTool 2 Select the TPGs from the device list 3 Select Actions Firmware Update from the menu bar The Dynamic Updatedialog appears 4 Click Choose 5 Select the directory in which the software files are located 6 Click ...

Page 102: ... Restarting the TPG using the TPG Homepage Proceed as follows 1 Start the TPG Homepage 2 Select Actions Restart 3 Click Restart TPG ª The TPG is restarted Restarting the TPG via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Mark the TPG in the device list 3 Select Actions Restart from the menu bar The Restart print server dialog appears 4 Click Finish ª The TPG is restarte...

Page 103: ...x TPG User Manual 103 10 Appendix What information do you need Glossary Ö 104 Parameter List Ö 107 List of Figures Ö 117 Index Ö 118 The appendix contains a glossary the TPG parameter list and the index lists ...

Page 104: ...s of its world wide unique hardware address This address is commonly referred to as the MAC or Ether net address The manufacturer has defined this address in the hard ware of the device The address consists of 12 hexadecimal numbers The first six numbers represent the manufacturer while the last six numbers identify the individual device The hardware address is found on the housing the TPG Homepag...

Page 105: ...he TPG default name is found on the TPG Homepage the Inter Con NetTool or the status page IP Address The IP address is the unique address of each node in a network i e an IP address may occur only once on a local network The system administrator usually assigns the IP address The address must be saved in the TPG to make sure that it can be addressed within the network Operating system Representati...

Page 106: ...ou wish to use a gateway you can configure the relevant parameter via the TPG Homepage or the InterCon NetTool Subnet mask With the help of the subnet mask large networks can be split up into subnetworks In this case the user IDs of the IP addresses are assigned to the various subnetworks The TPG is configured not to use subnetworks by default If you wish to use a subnetwork you can configure the ...

Page 107: ...the individual parameters What information do you need Parameter List General Ö 108 Parameter List ThinPrint Ö 108 Parameter List TCP IP Ö 111 Parameter List DNS Ö 113 Parameter List SNTP Ö 113 Parameter List Protection Ö 114 Parameter List EAP Authentication Ö 115 Parameter List Dynamic Update Ö 116 To view the current parameter values of your TPG see How to Print a Status or Service Page Ö 37 ...

Page 108: ...l kr Korean en Defines the language of the TPG sp_mode Status page mode ASCII PostScript DATAMAX Citizen Z ASCII Defines the data format in which the status page is printed eth_conf Ethernet Settings 0 Auto 1 10BaseT FL HALF 2 10BaseT FL FULL 3 100BaseTX FX HALF 4 100BaseTX FX FULL 0 Defines the network speed of the TPG Auto means that the network speed is recognized automatically If the speed is ...

Page 109: ... Connection Service tp_conserver Connection Server valid IP address 000 000 000 000 Defines the IP address of the server on which the Connection Service is installed tp_conport Port 1 65535 5 characters 0 9 4001 Defines the port number used by the TPG60 to communicate with the Connection Service tp_retry Connection retry versuch 5 6000 4 characters 0 9 120 Defines the interval in seconds for conne...

Page 110: ...age_printer Status page printer TPG60 1 6 TPG120 1 12 1 Defines the ID of the status page printer tp1_printer_name tp12_printer_name Printer max 32 characters a z A Z 0 9 _ blank Freely definable description of the printer name tp1_printer_class tp12_printer_class Class max 7 characters a z A Z 0 9 blank Defines the printer class Printers with compatible drivers can be arranged in one class tp1_pr...

Page 111: ...ew status information about the printer connection monitor_snmp Monitoring via SNMP on off on Enables disables a periodical snmp query to the remote addresses of the assigned printers The snmp query allows you to view printer messages monitor_poll Monitoring interval 1 6000 4 characters 0 9 20 Defines the interval of an snmp or ping query in seconds Parameters Value Default Description ip_addr IP ...

Page 112: ... as gateway address If disabled the gateway address has to be entered manually ip_zconf ZeroConf on off on Enables disables the automatic verification of an IP address conflict via ZeroConf ZeroConf describes a procedure for the automatic assignment of IP addresses bonjour Bonjour on off on Enables disables the Bonjour service sys_name Host name max 64 characters Default name Defines the host name...

Page 113: ...ry Secondary DNS server valid IP address 000 000 000 000 Defines the IP address of the secondary DNS server The secondary DNS server is used if the primary DNS server is not available Parameters Value Default Description sntp SNTP on off on Enables disables the use of a time server sntp_server Time server max 255 characters blank Defines a time server via the IP address or the domain name The doma...

Page 114: ...word was set at an earlier stage see above ip1_sender ip8_sender IP sender max 255 characters Defines the IP address or host name of the client that is authorized to address the TPG in the network Once an IP sender has been defined all undefined clients lose their authorization Up to eight IP senders can be specified The use of wildcards is possible to authorize subnetworks for example http HTTP o...

Page 115: ...lank Defines the password of the TPG as saved in the authentication server RADIUS eap_auth_ anonymous_name Anonymous name max 64 characters blank Defines the anonymous name for the unencrypted part of the EAP authentication methods TTLS PEAP and FAST eap_auth_intern Inner Authentication 0 none 1 MSCHAP 2 MSCHAPv2 3 PAP 4 CHAP 5 EAP MD5 6 EAP MSCHAP 7 EAP MSCHAPv2 8 EAP TLS 0 Defines the kind of in...

Page 116: ...Enable disables the dynamic update dyn_update_url Update URL max 255 characters blank Defines the location of the files needed for the dynamic update dyn_proxy Use proxy server on off off Enables disables the use of a proxy server for the dynamic update dyn_proxy_ur Proxy server max 255 characters blank Defines the URL of the proxy server used for the dynamic update ...

Page 117: ...Con NetTool Main Dialog 23 TPG Status Page 39 InterCon NetTool Authentication 68 Internet Explorer Security Alert 86 Internet Explorer Certificate Error 87 Internet Explorer Certificate 87 InterCon NetTool Parameter Download 90 InterCon NetTool Update 98 TPG Homepage Dynamic Firmware Update 100 InterCon NetTool Restart 102 ...

Page 118: ...ertificates 66 76 Certification authority 76 Configuration parameter See Parameter Connection Status 33 D Default certificate 77 Default name 105 Default setting 92 Descriptions 51 Device number 105 DHCP 14 DNS Domain Name Service 44 Documentation 8 Domain name 44 Download parameters file 29 Service page 40 Status page 39 Dynamic update 96 E EAP FAST 74 EAP MD5 67 EAP TLS 68 EAP TTLS 70 Encrypted ...

Page 119: ...r list 107 Parameters Configuration via FTP 29 Default setting 92 parameters file 89 Resetting 92 parameters file 29 89 Password 61 PEAP 72 ping 33 Port number 52 Printer ID 54 Printer open timeout 56 Printer status messages 31 Printing Service page 40 Status page 39 40 Protection against unauthorized access 61 against viruses 63 Protocol BOOTP 14 DHCP 14 FTP 63 HTTP 63 ZeroConf 14 Purpose 6 R Rea...

Page 120: ...rinter 37 Printing 37 Subnet Mask 106 Support 10 System Requirements 7 T TCP IP 42 ThinPrint port 52 Bandwidth 53 Time of the device 48 Time server 48 Time zone 48 Toolbar 24 TPG Resetting 92 TPG Homepage 17 Start 17 Transfer method 54 U Update 96 UTC 48 W Wizard 27 Write Protection 61 Z ZeroConf 14 ...

Reviews:

No comments