Administrator's Guide

ManualsBrandsHP ManualsNetwork Print ServersHP Jetdirect 640n Print Server

111

112

113

114

115

116

117

118

119

120

The supported 802.1X authentication protocols and associated configuration depend on the print

server model and firmware version. Available configuration settings are listed in

Table 4-18 802.1X

configuration settings on page 101.

Table 4-18 802.1X configuration settings

Item Description

Enable Protocols Enable (check) the supported protocols used for 802.1X authentication on your network.

● PEAP Uses digital certificates for network server authentication and passwords for

client authentication. PEAP requires an EAP User Name, EAP Password, and CA

Certificate. Dynamic encryption keys are also used.

● EAP-TLS Uses a mutual authentication protocol based on digital certificates for

authentication of both the client and the network authentication server. EAP-TLS

requires an EAP User Name, HP Jetdirect certificate and CA certificate. Dynamic

encryption keys are also used.

User Name EAP/802.1X user name (up to 128 characters maximum) for this device. The default is

the default host name of the print server, NPIxxxxxx, where xxxxxx are the last six digits

of the LAN hardware (MAC) address. You can also use DOMAIN\username, where

DOMAIN is the Microsoft Windows NT 4 style DOMAIN name, username@domain, or

username.

Password, Confirm Password EAP/802.1X password (up to 128 characters maximum) for this device. Enter the

password again in the Confirm Password field to verify.

Server ID Server ID validation string to identify and validate the authentication server. The string is

specified on the digital certificate issued by a trusted certificate authority (CA) for the

authentication server. Can contain a partial string (right-most characters) unless the

Require Exact Match check box is selected.

Encryption Strength Minimum encryption strength used during communication with the authentication server.

Select Low, Medium, or High encryption strength. For each encryption strength,

ciphers are specified to identify the weakest cipher allowed.

Jetdirect Ceritificate A self-signed HP Jetdirect certificate is pre-installed. To install a replacement, click

Configure.

CA Certificate To validate the authentication server's identity, the authentication server's certificate or a

CA (or “Root”) certificate must be installed on the print server. This CA certificate must

be issued by the certificate authority who signed the authentication server's certificate.

To configure or install a CA certificate, click Configure.

On Authentication Failure By default, an invalid 802.1x configuration causes the print server to lose network

connectivity. This typically requires physical access to the printer/MFP to perform a

manual 802.1x reset from the control panel.

To allow network connectivity after an authentication failure (set the switch port to

unsecure), select Connect anyway (802.1x Fail-over).

To retain the default behavior during an authentication failure (block network access),

select Block network (secure failure).

ENWW Networking tab 101