HP JetDirect External Print Servers 300X, 500X 170X, EX Plus Hardware Installation Guide - 5969-3466
Page 9
... Configuration The HP JetDirect 300X, 170X, and 500X print servers provide an embedded web server that can be accessed through various diagnostic utilities using the SNMP/IPX and SNMP/IP protocols. Product Overview 1-3 A standard SNMP agent resides on the HP JetDirect CD-ROM with your print server or the HP JetDirect Administrator's Guide shipped on these print servers. 1 Product Overview Network Management The HP JetDirect external print servers support the Simple...
... Configuration The HP JetDirect 300X, 170X, and 500X print servers provide an embedded web server that can be accessed through various diagnostic utilities using the SNMP/IPX and SNMP/IP protocols. Product Overview 1-3 A standard SNMP agent resides on the HP JetDirect CD-ROM with your print server or the HP JetDirect Administrator's Guide shipped on these print servers. 1 Product Overview Network Management The HP JetDirect external print servers support the Simple...
HP Jetdirect Security Guidelines
Page 1
... of this information can be addressed. whitepaper HP Jetdirect Security Guidelines Table of Contents: Introduction ...1 HP Jetdirect Overview ...2 What is an HP Jetdirect?...3 How old is Your HP Jetdirect?...4 Upgrading ...5 HP Jetdirect Administrative Guidelines 6 HP Jetdirect Hacks: TCP Port 9100...7 HP Jetdirect Hacks: Password and SNMP Community Names 9 HP Jetdirect Hacks: Firmware Upgrade 9 HP Jetdirect Hacks: Sniffing Print Jobs and Replaying Them 10 HP Jetdirect Hacks: Printer/MFP access 10 Recommended Security...
... of this information can be addressed. whitepaper HP Jetdirect Security Guidelines Table of Contents: Introduction ...1 HP Jetdirect Overview ...2 What is an HP Jetdirect?...3 How old is Your HP Jetdirect?...4 Upgrading ...5 HP Jetdirect Administrative Guidelines 6 HP Jetdirect Hacks: TCP Port 9100...7 HP Jetdirect Hacks: Password and SNMP Community Names 9 HP Jetdirect Hacks: Firmware Upgrade 9 HP Jetdirect Hacks: Sniffing Print Jobs and Replaying Them 10 HP Jetdirect Hacks: Printer/MFP access 10 Recommended Security...
HP Jetdirect Security Guidelines
Page 9
... an administrator to restart the upgrade process from HP, and upgrade to use the well-known default SNMP community names. At the end of their printing behavior. HP Jetdirect Hacks: Firmware Upgrade A nice overview of updating HP Jetdirect firmware: • HP Download Manager / HP Web Jetadmin • FTP • Embedded Web Server When using SSL/TLS, be able to upgrade...
... an administrator to restart the upgrade process from HP, and upgrade to use the well-known default SNMP community names. At the end of their printing behavior. HP Jetdirect Hacks: Firmware Upgrade A nice overview of updating HP Jetdirect firmware: • HP Download Manager / HP Web Jetadmin • FTP • Embedded Web Server When using SSL/TLS, be able to upgrade...
HP Jetdirect Security Guidelines
Page 11
... configuration will be enabled, comment out the "snmp-config" command and # uncomment out the following : • Syslog server: 192.168.40.3 • TFTP configuration file: picasso.cfg under the subdirectory of "hpnp" of the TFTP daemon's home directory • Forces HP Jetdirect to DHCP if a BOOTP server is unavailable. This configuration file allows for Windows...
... configuration will be enabled, comment out the "snmp-config" command and # uncomment out the following : • Syslog server: 192.168.40.3 • TFTP configuration file: picasso.cfg under the subdirectory of "hpnp" of the TFTP daemon's home directory • Forces HP Jetdirect to DHCP if a BOOTP server is unavailable. This configuration file allows for Windows...
HP JetDirect Print Servers 600N/400N/500X/300X Administrator's Guide - 5969-3521
Page 34
... the HP JetDirect print server, set this parameter to a list of parameters for a specific peripheral. It can be printed on the JetDirect configuration page, or returned on an SNMP sysName request by a network application. This address will be found on a label attached to identify the various HP JetDirect parameters and their settings. Set this to the HP JetDirect print server. On HP JetDirect external print servers, it...
... the HP JetDirect print server, set this parameter to a list of parameters for a specific peripheral. It can be printed on the JetDirect configuration page, or returned on an SNMP sysName request by a network application. This address will be found on a label attached to identify the various HP JetDirect parameters and their settings. Set this to the HP JetDirect print server. On HP JetDirect external print servers, it...
HP JetDirect Print Servers 600N/400N/500X/300X Administrator's Guide - 5969-3521
Page 35
...the relative path name of the TFTP configuration file. This address identifies the IP address of the default gateway (router) that the HP JetDirect print server will be downloaded using the /etc/bootptab file's T144 vendor-specific tag entry. sm The subnet mask tag. T144 A vendor-specific... TFTP configuration file's relative path name is continued on a line. The path name must begin with other subnets. Names, such as SNMP (Simple Network Management Protocol) or non-default settings, an additional configuration file can contain only letters, numbers, periods, or hyphens.The ...
...the relative path name of the TFTP configuration file. This address identifies the IP address of the default gateway (router) that the HP JetDirect print server will be downloaded using the /etc/bootptab file's T144 vendor-specific tag entry. sm The subnet mask tag. T144 A vendor-specific... TFTP configuration file's relative path name is continued on a line. The path name must begin with other subnets. Names, such as SNMP (Simple Network Management Protocol) or non-default settings, an additional configuration file can contain only letters, numbers, periods, or hyphens.The ...
HP JetDirect Print Servers 600N/400N/500X/300X Administrator's Guide - 5969-3521
Page 36
# # Example of an HP JetDirect TFTP Configuration File # # Allow only Subnet 13.10.10 access to peripheral. # Up to four 'allow' entries can be written via TFTP. # Up to 10 'allow' entries can be written via SNMP. # 'allow' may include single IP addresses. # allow: 13.10.10.0 255.255.255.0 # # # Disable Telnet # telnet: 0 # # Enable the embedded web server # ews-config: 1 # # Detect SNMP unauthorized usage # authentication-trap: on # # Send Traps to 13.10.10.1 # trap-dest: 13.10.10.1 # # Specify the Set Community Name # set-community-name: 1homer2 # # End of file 30 TCP/IP Configuration EN
# # Example of an HP JetDirect TFTP Configuration File # # Allow only Subnet 13.10.10 access to peripheral. # Up to four 'allow' entries can be written via TFTP. # Up to 10 'allow' entries can be written via SNMP. # 'allow' may include single IP addresses. # allow: 13.10.10.0 255.255.255.0 # # # Disable Telnet # telnet: 0 # # Enable the embedded web server # ews-config: 1 # # Detect SNMP unauthorized usage # authentication-trap: on # # Send Traps to 13.10.10.1 # trap-dest: 13.10.10.1 # # Specify the Set Community Name # set-community-name: 1homer2 # # End of file 30 TCP/IP Configuration EN
HP JetDirect Print Servers 600N/400N/500X/300X Administrator's Guide - 5969-3521
Page 37
...remote (MSS=536 bytes), except the local subnet. Identifies the physical location of hosts that an idle print data connection is "allow : 10.0.0.0 255.0.0.0 allows hosts on the HP JetDirect print server. Table 3.2 describes parameters that the HP JetDirect print server will advertise for use when communicating with local subnets (MSS=1460 bytes or more) or remote subnets ... verify access. Provides an entry into the host access list stored on network 10. Each entry specifies a host or network of the printer (SNMP sysLocation object). If there are no entries, all hosts are allowed.
...remote (MSS=536 bytes), except the local subnet. Identifies the physical location of hosts that an idle print data connection is "allow : 10.0.0.0 255.0.0.0 allows hosts on the HP JetDirect print server. Table 3.2 describes parameters that the HP JetDirect print server will advertise for use when communicating with local subnets (MSS=1460 bytes or more) or remote subnets ... verify access. Provides an entry into the host access list stored on network 10. Each entry specifies a host or network of the printer (SNMP sysLocation object). If there are no entries, all hosts are allowed.
HP JetDirect Print Servers 600N/400N/500X/300X Administrator's Guide - 5969-3521
Page 38
.... trap-dest: Enters a host's IP address into the HP JetDirect print server's SNMP trap destination list. trap-community -name: Community name (password) included with SNMP traps that determines which SNMP SetRequests (control functions) the HP JetDirect print server will respond to . Newer HP JetDirect EIO cards will not support the separate SNMP authentification trap setting. (All SNMP traps will be ASCII characters. The list may...
.... trap-dest: Enters a host's IP address into the HP JetDirect print server's SNMP trap destination list. trap-community -name: Community name (password) included with SNMP traps that determines which SNMP SetRequests (control functions) the HP JetDirect print server will respond to . Newer HP JetDirect EIO cards will not support the separate SNMP authentification trap setting. (All SNMP traps will be ASCII characters. The list may...
HP JetDirect Print Servers 600N/400N/500X/300X Administrator's Guide - 5969-3521
Page 120
... been configured for the print server. Table 7.3 TCP/IP Configuration Messages (2 of the HP JetDirect configuration file. SPECIFIED indicates that the print server will accept all SNMP community names for SetRequests. This parameter is omitted when the print server is not configured using DHCP. This parameter is omitted when the print server is configured from the host. 114 HP JetDirect Configuration Page Messages...
... been configured for the print server. Table 7.3 TCP/IP Configuration Messages (2 of the HP JetDirect configuration file. SPECIFIED indicates that the print server will accept all SNMP community names for SetRequests. This parameter is omitted when the print server is not configured using DHCP. This parameter is omitted when the print server is configured from the host. 114 HP JetDirect Configuration Page Messages...
HP JetDirect Print Servers 600N/400N/500X/300X Administrator's Guide - 5969-3521
Page 125
... message is an invalid IP address for specifying a single node. Following the I /O CARD NOT READY There is a problem with one of the SNMP trap (Trap PDU) destination IP addresses specified for the HP JetDirect print server (through TFTP) is a status message. If this message reappears on another configuration page, you may have a problem with the...
... message is an invalid IP address for specifying a single node. Following the I /O CARD NOT READY There is a problem with one of the SNMP trap (Trap PDU) destination IP addresses specified for the HP JetDirect print server (through TFTP) is a status message. If this message reappears on another configuration page, you may have a problem with the...
HP JetDirect Print Servers 600N/400N/500X/300X Administrator's Guide - 5969-3521
Page 159
...111, 112 POSTSCRIPT MODE NOT SELECTED 124 POSTSCRIPT UPDATE NEEDED 124 print queue BSD-like systems 62 LPD 61 SAM (HP-UX) systems 64 print server HP JetDirect 1 parameters 53 supported 2 PRINT SERVER NOT DEFINED 124 printcap 62 printer gateway, see HP IP/IPX printer gateway for NDPS PRINTER NUMBER IN USE 125 ...BEACONING 125 FAILURE 125 RECOVERY 125 S SAM (HP-UX) print queues 64 SECURITY EQUIVALENCE NOT SET 125 self-test page, see configuration page SERVER ADDRESS 115 NAME 111 SIGNAL LOSS 126 SINGLE STATION 126 SNMP GET CMTY NAME 114 SNMP SET CMTY NAME 114 software installation EtherTalk or ...
...111, 112 POSTSCRIPT MODE NOT SELECTED 124 POSTSCRIPT UPDATE NEEDED 124 print queue BSD-like systems 62 LPD 61 SAM (HP-UX) systems 64 print server HP JetDirect 1 parameters 53 supported 2 PRINT SERVER NOT DEFINED 124 printcap 62 printer gateway, see HP IP/IPX printer gateway for NDPS PRINTER NUMBER IN USE 125 ...BEACONING 125 FAILURE 125 RECOVERY 125 S SAM (HP-UX) print queues 64 SECURITY EQUIVALENCE NOT SET 125 self-test page, see configuration page SERVER ADDRESS 115 NAME 111 SIGNAL LOSS 126 SINGLE STATION 126 SNMP GET CMTY NAME 114 SNMP SET CMTY NAME 114 software installation EtherTalk or ...
HP Jetdirect Print Server Administrator's Guide (300x, 510x)
Page 21
... of a /etc/bootptab file entry for an HP Jetdirect print server is "picasso".) hn The host name tag. nodename must precede the ha tag. For the HP Jetdirect print server, set this parameter to the HP Jetdirect print server. This tag must be printed on the Jetdirect configuration page, or returned on your printer, select... Community names (passwords) for your printer are identified in Table 3.1. If you specify a community name for other systems on an SNMP sysName request by a network application. The host name will be the first field in an entry. (In the example above, ...
... of a /etc/bootptab file entry for an HP Jetdirect print server is "picasso".) hn The host name tag. nodename must precede the ha tag. For the HP Jetdirect print server, set this parameter to the HP Jetdirect print server. This tag must be printed on the Jetdirect configuration page, or returned on your printer, select... Community names (passwords) for your printer are identified in Table 3.1. If you specify a community name for other systems on an SNMP sysName request by a network application. The host name will be the first field in an entry. (In the example above, ...
HP Jetdirect Print Server Administrator's Guide (300x, 510x)
Page 22
... A vendor-specific tag that the HP Jetdirectprint server sends syslog messages to the print server. On HP-UX systems, /usr/tftpdir is printed on the HP Jetdirect configuration page as SNMP (Simple Network Management Protocol) or non-default settings, an additional 22 TCP/IP Configuration ENWW On HP Jetdirect external print servers, it is prepended to your HP Jetdirect print server, such as the LAN HW ADDRESS...
... A vendor-specific tag that the HP Jetdirectprint server sends syslog messages to the print server. On HP-UX systems, /usr/tftpdir is printed on the HP Jetdirect configuration page as SNMP (Simple Network Management Protocol) or non-default settings, an additional 22 TCP/IP Configuration ENWW On HP Jetdirect external print servers, it is prepended to your HP Jetdirect print server, such as the LAN HW ADDRESS...
HP Jetdirect Print Server Administrator's Guide (300x, 510x)
Page 23
... example of a TFTP configuration file is provided below (the symbol '#' denotes a remark and is specified in the file). # # Example of an HP Jetdirect TFTP Configuration File # # Allow only Subnet 192.168.10 access to peripheral. # Up to four 'allow' entries can be written via TFTP. ...' may include single IP addresses. # allow: 192.168.10 255.255.255.0 # # # Disable Telnet # telnet: 0 # # Enable the embedded web server # ews-config: 1 # # Detect SNMP unauthorized usage # authentication-trap: on # # Send Traps to 192.168.10.1 # trap-dest: 192.168.10.1 # # Specify the Set Community Name # set-...
... example of a TFTP configuration file is provided below (the symbol '#' denotes a remark and is specified in the file). # # Example of an HP Jetdirect TFTP Configuration File # # Allow only Subnet 192.168.10 access to peripheral. # Up to four 'allow' entries can be written via TFTP. ...' may include single IP addresses. # allow: 192.168.10 255.255.255.0 # # # Disable Telnet # telnet: 0 # # Enable the embedded web server # ews-config: 1 # # Detect SNMP unauthorized usage # authentication-trap: on # # Send Traps to 192.168.10.1 # trap-dest: 192.168.10.1 # # Specify the Set Community Name # set-...
HP Jetdirect Print Server Administrator's Guide (300x, 510x)
Page 24
...may be remote (MSS=536 bytes), except the local subnet. The default is 64 characters. Specifies the maximum segment size (MSS) that the HP Jetdirect print server will advertise for use when communicating with local subnets (MSS=1460 bytes or more) or remote subnets (MSS=536 bytes): 0 (default) ...: allow : netnum [mask]" where netnum is a network number or host IP address, and mask is an address mask of the printer (SNMP sysLocation object). If there are no entries, all hosts are allowed. Since the card supports only a single TCP connection, the idle timeout balances...
...may be remote (MSS=536 bytes), except the local subnet. The default is 64 characters. Specifies the maximum segment size (MSS) that the HP Jetdirect print server will advertise for use when communicating with local subnets (MSS=1460 bytes or more) or remote subnets (MSS=536 bytes): 0 (default) ...: allow : netnum [mask]" where netnum is a network number or host IP address, and mask is an address mask of the printer (SNMP sysLocation object). If there are no entries, all hosts are allowed. Since the card supports only a single TCP connection, the idle timeout balances...
HP Jetdirect Print Server Administrator's Guide (300x, 510x)
Page 25
... Parameters (2 of an incoming SNMP SetRequest must match the print server's "set -communityname: Specifies a password that determines which SNMP GetRequests the HP Jetdirect print server will respond to. set community name" for the print server to respond. The maximum length is empty, the print server does not send SNMP traps. trap-dest: Enters a host's IP address into the HP Jetdirect print server's SNMP trap destination list. trap-community...
... Parameters (2 of an incoming SNMP SetRequest must match the print server's "set -communityname: Specifies a password that determines which SNMP GetRequests the HP Jetdirect print server will respond to. set community name" for the print server to respond. The maximum length is empty, the print server does not send SNMP traps. trap-dest: Enters a host's IP address into the HP Jetdirect print server's SNMP trap destination list. trap-community...
HP Jetdirect Print Server Administrator's Guide (300x, 510x)
Page 65
.... SNMP Messages (Table Provides SNMP community name 7.8) status. Table 6.1 External Print Server (2 of 2) Configuration Pages Item 7 8 Description Troubleshooting Information Apple EtherTalk status information (Table 7.7) (Ethernet only) If the AppleTalk protocol is working properly, or if it is communicating correctly on your Mac OS. Figure 6.2 Ethernet Configuration Page (External Single Port Print Servers) ENWW Troubleshooting the HP Jetdirect Print Server 65...
.... SNMP Messages (Table Provides SNMP community name 7.8) status. Table 6.1 External Print Server (2 of 2) Configuration Pages Item 7 8 Description Troubleshooting Information Apple EtherTalk status information (Table 7.7) (Ethernet only) If the AppleTalk protocol is working properly, or if it is communicating correctly on your Mac OS. Figure 6.2 Ethernet Configuration Page (External Single Port Print Servers) ENWW Troubleshooting the HP Jetdirect Print Server 65...
HP Jetdirect Print Server Administrator's Guide (300x, 510x)
Page 67
... messages for descriptions and illustrations of Ethernet configuration pages. General HP Jetdirect Messages (status and error messages listed in the following tables: ● Table 7.1 - SNMP Messages Note See the chapter "Troubleshooting the HP Jetdirect Print Server" for each network operating system. Novell NetWare Configuration Messages ● Table 7.5 - 7 HP Jetdirect Configuration Page Messages Introduction This chapter describes the messages, network...
... messages for descriptions and illustrations of Ethernet configuration pages. General HP Jetdirect Messages (status and error messages listed in the following tables: ● Table 7.1 - SNMP Messages Note See the chapter "Troubleshooting the HP Jetdirect Print Server" for each network operating system. Novell NetWare Configuration Messages ● Table 7.5 - 7 HP Jetdirect Configuration Page Messages Introduction This chapter describes the messages, network...
HP Jetdirect Print Server Administrator's Guide (300x, 510x)
Page 71
... a single node. I /O CARD READY The HP Jetdirect print server is an invalid IP address for specifying a single node. If this table for specifying a single node. ENWW HP Jetdirect Configuration Page Messages 71 I /O CARD NOT READY There is a problem with one of the SNMP trap (Trap PDU) destination IP addresses specified for the HP Jetdirect print server (through BOOTP) is trying to...
... a single node. I /O CARD READY The HP Jetdirect print server is an invalid IP address for specifying a single node. If this table for specifying a single node. ENWW HP Jetdirect Configuration Page Messages 71 I /O CARD NOT READY There is a problem with one of the SNMP trap (Trap PDU) destination IP addresses specified for the HP Jetdirect print server (through BOOTP) is trying to...