Administrator's Guide

ManualsBrandsHP ManualsNetwork Print ServersHP Jetdirect 640n Print Server

171

172

173

174

175

176

177

178

179

180

Table 8-16 IPsec statistics

Message Description

Fragmentation Errors Number of fragmented packets that cannot be reassembled.

ESP MAC Errors Number of encapsulating security payload (ESP) MAC errors. MAC is used to verify

that the received message is the same as the one sent.

AH MAC Errors Number of authentication header (AH) MAC errors. MAC is used to verify that the

message received is the same as the one sent.

Replay Errors Number of replay attacks, where unauthorized packets are resent.

Drop Rule Number of dropped packets based on the IPsec rule (set to drop all non-IPsec traffic).

Client notification of dropped packets is not provided.

Reject Rule Number of rejected IPsec packets. Client notification of rejected packets is provided

through ICMP error messages.

No Rule Number of received packets for which an IPsec policy rule is not configured.

Generic Drops Number of dropped packets that are not counted by other statistics.

ESP (Rx/Tx): Total number of ESP packets received (Rx) and transmitted (Tx) by the print server.

AH (Rx/Tx) Total number of AH packets received (Rx) and transmitted (Tx) by the print server.

Total (Rx/Tx) Total number of all packets received (Rx) and transmitted (Tx) by the print server.

IKE Stats

Internet key exchange (IKE) statistics for the print server are described in the following table.

Table 8-17 IKE Statistics

Message Description

Phase 1 Failures Number of authentication failures that occur when the print server is establishing a

connection over IPsec. These result in connection failures.

Quick Mode Failures Number of post-authentication failures that occur during IPsec protocol configuration,

which result in connection failures.

Rekeys Number of times keys were regenerated. For example, this can occur after a key

lifetime setting is exceeded and then regenerated.

IKE Connections OK (1/Q) Number of successful IPsec connections for both Phase 1 and Quick Mode attempts,

separated by a slash (Phase 1 count / Quick Mode count).

IPsec Rules

This section of the Security page identifies the IPsec policy of the print server. The IPsec policy

consists of rules that control the security of the traffic received and transmitted by the print server.

Rules are configured with an IPsec configuration wizard, which is accessed from the HP Embedded

Web Server. You can configure up to ten rules.

The heading of this section indicates the default rule for IPsec traffic (Def: Pass or Drop)

● Pass Allow all non-IPsec traffic.

●

Drop Drop all non-IPsec traffic.

ENWW HP Jetdirect Security page 163