HP Jetdirect Security Guidelines
Page 2
...them . At the time HP Jetdirect was introduced, there was to have never had as much as if the printer was designed to allow users to print to Jetdirect immediately. In today's increasingly security focused environment, we will find the IP address, adding them to clients ...play" on the network and behave as Ethernet. The complexity and capability of the first print servers to widely implement security protocols such as Jetadmin, simplified configuration of HP Jetdirect devices by connecting them via networking protocols such as a directly connected printer. An 'Ease ...
...them . At the time HP Jetdirect was introduced, there was to have never had as much as if the printer was designed to allow users to print to Jetdirect immediately. In today's increasingly security focused environment, we will find the IP address, adding them to clients ...play" on the network and behave as Ethernet. The complexity and capability of the first print servers to widely implement security protocols such as Jetadmin, simplified configuration of HP Jetdirect devices by connecting them via networking protocols such as a directly connected printer. An 'Ease ...
HP Jetdirect Security Guidelines
Page 8
...SSL/TLS to those remote subnets. This doesn't prevent HP Jetdirect from receiving packets from other mischief with the IP address and mask for the network ID assigned to your data, you need to 0.0.0.0). Setup a rule to protect print traffic using IPsec Table 5 - Option 1) For SET...SSL/TLS to successfully authenticate the server endpoint (and optionally the client endpoint). How to any TCP/IP traffic. Otherwise, SSL/TLS is to disable all TCP/IP traffic to disable these protocols can be two entries: IP - 15.0.0.0 mask - 255.0.0.0 and IP -16.0.0.0 mask - 255.0.0.0. Options...
...SSL/TLS to those remote subnets. This doesn't prevent HP Jetdirect from receiving packets from other mischief with the IP address and mask for the network ID assigned to your data, you need to 0.0.0.0). Setup a rule to protect print traffic using IPsec Table 5 - Option 1) For SET...SSL/TLS to successfully authenticate the server endpoint (and optionally the client endpoint). How to any TCP/IP traffic. Otherwise, SSL/TLS is to disable all TCP/IP traffic to disable these protocols can be two entries: IP - 15.0.0.0 mask - 255.0.0.0 and IP -16.0.0.0 mask - 255.0.0.0. Options...
HP Jetdirect Security Guidelines
Page 28
Select "Allow" for SET 2 executed. Be sure that all IP addresses must use IPsec to utilize a management protocol. Once the Security Wizard configuration has been completed, then we 'll simply say that you are dropped by the IP layer. If an end station tries to communicate with SET 3, only ...the Security Wizard for the default rule and then click "Add Rules...". Select "All IP Addresses" and click "Next". 28 Let's go through the same process as we did with a management protocol to Jetdirect without using IPsec, the packets are using HTTPS before navigating to this time, we can...
Select "Allow" for SET 2 executed. Be sure that all IP addresses must use IPsec to utilize a management protocol. Once the Security Wizard configuration has been completed, then we 'll simply say that you are dropped by the IP layer. If an end station tries to communicate with SET 3, only ...the Security Wizard for the default rule and then click "Add Rules...". Select "All IP Addresses" and click "Next". 28 Let's go through the same process as we did with a management protocol to Jetdirect without using IPsec, the packets are using HTTPS before navigating to this time, we can...
HP Jetdirect Administrator's Guide
Page 4
... the HP Jetdirect Print Server Introduction 7 Supported Print Servers 8 Supported Network Protocols 8 Security Protocols 10 Supplied Manuals 12 HP Support 12 Product Registration 14 Product Accessibility 14 2. TCP/IP Configuration Introduction 34 Default IP Address 35 Using BOOTP/TFTP 40 Using DHCP 62 Using RARP 70 Using the arp and ping Commands 72 Using Telnet 74 Using the Embedded Web Server...
... the HP Jetdirect Print Server Introduction 7 Supported Print Servers 8 Supported Network Protocols 8 Security Protocols 10 Supplied Manuals 12 HP Support 12 Product Registration 14 Product Accessibility 14 2. TCP/IP Configuration Introduction 34 Default IP Address 35 Using BOOTP/TFTP 40 Using DHCP 62 Using RARP 70 Using the arp and ping Commands 72 Using Telnet 74 Using the Embedded Web Server...
HP Jetdirect Administrator's Guide
Page 5
... 7. HP Jetdirect Configuration Page Introduction 202 Configuration Page Format 203 Configuration Page Messages 205 Error Messages 225 A. 5. Configuring for LPD Printing Introduction 154 LPD Setup Overview 156 LPD on UNIX Systems 158 LPD on Windows NT/2000/Server 2003 Systems 162 LPD on Windows XP Systems 167 LPD on Mac OS Systems 169 6. TCP/IP...
... 7. HP Jetdirect Configuration Page Introduction 202 Configuration Page Format 203 Configuration Page Messages 205 Error Messages 225 A. 5. Configuring for LPD Printing Introduction 154 LPD Setup Overview 156 LPD on UNIX Systems 158 LPD on Windows NT/2000/Server 2003 Systems 162 LPD on Windows XP Systems 167 LPD on Mac OS Systems 169 6. TCP/IP...
HP Jetdirect Administrator's Guide
Page 13
... support at: http://www.hp.com/go/dlm_sw ● HP Web Jetadmin may be used on the print server provides a firmware upgrade feature using one of the following firmware installation tools: ● HP Jetdirect Download Manager (Windows). To start an FTP session, use the device IP address or host name. Firmware upgrades for supported HP Jetdirect print servers may be entered to...
... support at: http://www.hp.com/go/dlm_sw ● HP Web Jetadmin may be used on the print server provides a firmware upgrade feature using one of the following firmware installation tools: ● HP Jetdirect Download Manager (Windows). To start an FTP session, use the device IP address or host name. Firmware upgrades for supported HP Jetdirect print servers may be entered to...
HP Jetdirect Administrator's Guide
Page 24
... 4.0 (Intel-based) or Windows 2000 ● IPP-enabled HP Jetdirect print server (such as follows: 1. ENWW HP Software Solutions Summary 24 To set up a print path to an HP Jetdirect-connected Internet printer using the HP supplied software is compatible with support for support of the printer to...client software, proceed as HP Jetdirect 620n or en3700) HP Software Supported Proxies Web proxy with the Windows system IPP-client software. Windows 2000/XP/Server 2003 Integrated Software On Windows 2000/XP/Server 2003 systems, an alternative to get the IP address or URL of Windows ...
... 4.0 (Intel-based) or Windows 2000 ● IPP-enabled HP Jetdirect print server (such as follows: 1. ENWW HP Software Solutions Summary 24 To set up a print path to an HP Jetdirect-connected Internet printer using the HP supplied software is compatible with support for support of the printer to...client software, proceed as HP Jetdirect 620n or en3700) HP Software Supported Proxies Web proxy with the Windows system IPP-client software. Windows 2000/XP/Server 2003 Integrated Software On Windows 2000/XP/Server 2003 systems, an alternative to get the IP address or URL of Windows ...
HP Jetdirect Administrator's Guide
Page 25
... on the Internet and enter the print server's URL: http://IP_address[/ipp/port#] where IP_address is the IP address configured on the HP Jetdirect print server. [/ipp/port#] identifies the port number, which is port 1 for a printer driver (the HP Jetdirect print server does not contain printer drivers, so your printer CD-ROM to HP Jetdirect 620n/en3700 print server with the Windows Me CD-ROM. Select...
... on the Internet and enter the print server's URL: http://IP_address[/ipp/port#] where IP_address is the IP address configured on the HP Jetdirect print server. [/ipp/port#] identifies the port number, which is port 1 for a printer driver (the HP Jetdirect print server does not contain printer drivers, so your printer CD-ROM to HP Jetdirect 620n/en3700 print server with the Windows Me CD-ROM. Select...
HP Jetdirect Administrator's Guide
Page 34
... control panel, arp and ping commands (when the default IP address is configured on , the HP Jetdirect print server will be retained when powered off/on the print server model, up to two minutes may also be reconfigured to obtain its TCP/IP configuration using a server-based method, such as an IP address that is 192.0.0.192), or SNMP-based management software...
... control panel, arp and ping commands (when the default IP address is configured on , the HP Jetdirect print server will be retained when powered off/on the print server model, up to two minutes may also be reconfigured to obtain its TCP/IP configuration using a server-based method, such as an IP address that is 192.0.0.192), or SNMP-based management software...
HP Jetdirect Administrator's Guide
Page 35
... example, when shipped from the factory or after a cold-reset), the HP Jetdirect print server has no longer available), a default IP address will be assigned. Link-local addressing is no IP address. You must cold-reset the print server to change this method now fails to determine the appropriate default IP settings: ● On small private networks that fails. In addition, a default...
... example, when shipped from the factory or after a cold-reset), the HP Jetdirect print server has no longer available), a default IP address will be assigned. Link-local addressing is no IP address. You must cold-reset the print server to change this method now fails to determine the appropriate default IP settings: ● On small private networks that fails. In addition, a default...
HP Jetdirect Administrator's Guide
Page 36
.../16 or 192.0.0.192. If a duplicate address is sensed, the HP Jetdirect print server will automatically reassign its address, if necessary, in a factory-default state, this address as the link-local address. Default IP Address Configuration Options Default IP Parameter A Default IP configuration parameter on the Jetdirect configuration page that the assigned default IP address is undefined. The Default IP parameter can be assigned until it...
.../16 or 192.0.0.192. If a duplicate address is sensed, the HP Jetdirect print server will automatically reassign its address, if necessary, in a factory-default state, this address as the link-local address. Default IP Address Configuration Options Default IP Parameter A Default IP configuration parameter on the Jetdirect configuration page that the assigned default IP address is undefined. The Default IP parameter can be assigned until it...
HP Jetdirect Administrator's Guide
Page 37
... Ad Hoc connection is enabled, allowing DHCP requests to two minutes are sensed. However, this parameter is initially available. However, the IP configuration may not work without modification. HP Jetdirect Wireless Print Server. DHCP Requests Enable/Disable When a default IP address is connected a DHCP network because the sending of DHCP requests will be enabled by default. Default...
... Ad Hoc connection is enabled, allowing DHCP requests to two minutes are sensed. However, this parameter is initially available. However, the IP configuration may not work without modification. HP Jetdirect Wireless Print Server. DHCP Requests Enable/Disable When a default IP address is connected a DHCP network because the sending of DHCP requests will be enabled by default. Default...
HP Jetdirect Administrator's Guide
Page 38
... (DDNS) for your network in the /etc directory. TCP/IP Configuration Tools When a network connection has been established, an HP Jetdirect print server can be configured with the IP address. These protocols are provided. ● RARP. The RARP method only allows you set all print server lease durations to your server operating system supports DHCP.) For more information see "Using...
... (DDNS) for your network in the /etc directory. TCP/IP Configuration Tools When a network connection has been established, an HP Jetdirect print server can be configured with the IP address. These protocols are provided. ● RARP. The RARP method only allows you set all print server lease durations to your server operating system supports DHCP.) For more information see "Using...
HP Jetdirect Administrator's Guide
Page 39
... connection from your system to configure only a limited subset of configuration parameters. Once configured, the print server saves the configuration when powered off /on. The control panel method allows you to the HP Jetdirect print server using the default IP address. ENWW TCP/IP Configuration 39 If control panel configuration is recommended only during troubleshooting or for simple installations...
... connection from your system to configure only a limited subset of configuration parameters. Once configured, the print server saves the configuration when powered off /on. The control panel method allows you to the HP Jetdirect print server using the default IP address. ENWW TCP/IP Configuration 39 If control panel configuration is recommended only during troubleshooting or for simple installations...
HP Jetdirect Administrator's Guide
Page 43
... link-level, or station address of the HP Jetdirect print server. Entries and tags supported by the HP Jetdirect print server are listed in a BOOTP/DHCP Boot file (1 of 4) RFC 2132 Option Description nodename -- Set this to rfc1048. For the HP Jetdirect print server, set this parameter to ether (for Ethernet). This tag must be the HP Jetdirect print server's IP address. The hardware (MAC) address is "picasso".) ht -- The...
... link-level, or station address of the HP Jetdirect print server. Entries and tags supported by the HP Jetdirect print server are listed in a BOOTP/DHCP Boot file (1 of 4) RFC 2132 Option Description nodename -- Set this to rfc1048. For the HP Jetdirect print server, set this parameter to ether (for Ethernet). This tag must be the HP Jetdirect print server's IP address. The hardware (MAC) address is "picasso".) ht -- The...
HP Jetdirect Administrator's Guide
Page 44
...). ds 6 DNS (Domain Name System) server's IP address tag. Only a single name server can be printed on the Jetdirect configuration page, or returned on an SNMP sysName request by the HP Jetdirect print server to . For more information, see Appendix A. ef 18 Extensions file tag that specifies the relative path name of an IP address that the HP Jetdirect print server sends syslog messages to identify...
...). ds 6 DNS (Domain Name System) server's IP address tag. Only a single name server can be printed on the Jetdirect configuration page, or returned on an SNMP sysName request by the HP Jetdirect print server to . For more information, see Appendix A. ef 18 Extensions file tag that specifies the relative path name of an IP address that the HP Jetdirect print server sends syslog messages to identify...
HP Jetdirect Administrator's Guide
Page 46
...the /etc/bootptab file's T144 vendor-specific tag (or the "ef" standard BOOTP tag) entry. ENWW TCP/IP Configuration 46 Refer to specify the TFTP server's IP address where the TFTP configuration file is located. Interlock Mode option. Example: 1 1 specifies , T150 -- Spaces are... is continued on a line. The underline character (_) is not allowed. Table 3.1 Item Tags Supported in the form: : For supported HP Jetdirect print servers, the Port Number is 1 (default). : Option value 0 (default) disables interlock, 1 enables. TFTP Configuration File Entries To provide...
...the /etc/bootptab file's T144 vendor-specific tag (or the "ef" standard BOOTP tag) entry. ENWW TCP/IP Configuration 46 Refer to specify the TFTP server's IP address where the TFTP configuration file is located. Interlock Mode option. Example: 1 1 specifies , T150 -- Spaces are... is continued on a line. The underline character (_) is not allowed. Table 3.1 Item Tags Supported in the form: : For supported HP Jetdirect print servers, the Port Number is 1 (default). : Option value 0 (default) disables interlock, 1 enables. TFTP Configuration File Entries To provide...
HP Jetdirect Administrator's Guide
Page 47
... Example of an HP Jetdirect TFTP Configuration File # # Allow only Subnet 192.168.10 access to peripheral. # Up to 10 'allow' entries can be written through TFTP. # Up to 10 'allow' entries can be written through Telnet # or embedded Web server. # 'allow' may include single IP addresses. # allow: ...192.168.10.0 255.255.255.0 # # # Disable Telnet # telnet-config: 0 # # Enable the embedded Web server # ews-config: 1 # # Detect SNMP unauthorized usage # auth-trap: on...
... Example of an HP Jetdirect TFTP Configuration File # # Allow only Subnet 192.168.10 access to peripheral. # Up to 10 'allow' entries can be written through TFTP. # Up to 10 'allow' entries can be written through Telnet # or embedded Web server. # 'allow' may include single IP addresses. # allow: ...192.168.10.0 255.255.255.0 # # # Disable Telnet # telnet-config: 0 # # Enable the embedded Web server # ews-config: 1 # # Detect SNMP unauthorized usage # auth-trap: on...
HP Jetdirect Administrator's Guide
Page 51
... Domain Name (such as printer1.support.hp.com). pri-dns-svr: (dns-srv) The IP address of the LAN hardware address. sec-dns-svr: The IP address of a secondary DNS server to use with supported Scan devices. ftp-printing: (ftp-config:, ftp:) Enables or...printing each time the print server is powered on the Jetdirect configuration page. pri-wins-svr: (pri-wins-srv:) The IP address of the secondary Windows Internet Naming Service (WINS) server. sec-wins-svr: (sec-wins-srv:) The IP address of the primary Windows Internet Naming Service (WINS) server. smtp-svr: The IP address of 12) TCP/IP...
... Domain Name (such as printer1.support.hp.com). pri-dns-svr: (dns-srv) The IP address of the LAN hardware address. sec-dns-svr: The IP address of a secondary DNS server to use with supported Scan devices. ftp-printing: (ftp-config:, ftp:) Enables or...printing each time the print server is powered on the Jetdirect configuration page. pri-wins-svr: (pri-wins-srv:) The IP address of the secondary Windows Internet Naming Service (WINS) server. sec-wins-svr: (sec-wins-srv:) The IP address of the primary Windows Internet Naming Service (WINS) server. smtp-svr: The IP address of 12) TCP/IP...
HP Jetdirect Administrator's Guide
Page 75
... 75 For example, to create a route from the system command prompt, enter the following command: route add where is the IP address configured on the HP Jetdirect print server, and is the IP address of BOOTP, DHCP, RARP and other dynamic configuration methods may no longer function. Whenever you can enter the appropriate command at the same time...
... 75 For example, to create a route from the system command prompt, enter the following command: route add where is the IP address configured on the HP Jetdirect print server, and is the IP address of BOOTP, DHCP, RARP and other dynamic configuration methods may no longer function. Whenever you can enter the appropriate command at the same time...