Network User’s Guide Multi-Protocol On-board Ethernet Print Server and Wireless Print Server This Network User's Guide provides useful information on wired and wireless network settings and security settings using your Brother machine. You can also find supported protocol information and detailed troubleshooting tips. To download the latest manual, please visit the Brother Solutions Center at (http://solutions.brother.com/).
Applicable models This User’s Guide applies to the following model. HL-S7000DN Definitions of notes We use the following icons throughout this User’s Guide: Important Important indicates a potentially hazardous situation which, if not avoided, may result in damage to property or loss of product functionality. Note Notes tell you how you should respond to a situation that may arise or give tips about how the operation works with other features.
Table of Contents Section I 1 Network Operation Introduction 2 Network features........................................................................................................................................2 Other Network features .......................................................................................................................3 2 Changing your machine’s network settings 4 How to change your machine’s network settings (IP address, Subnet mask and Gateway) ..............
Wired Enable ....................................................................................................................................35 WLAN Enable ...................................................................................................................................35 IPsec..................................................................................................................................................35 Reset the network settings to the factory default...............
7 Troubleshooting 76 Overview..................................................................................................................................................76 Identifying your problem ....................................................................................................................76 Section II Network Glossary 8 Types of network connections and protocols 83 Types of network connections ..............................................................................
B Appendix B 104 Using services .......................................................................................................................................104 Other ways to set the IP address (for advanced users and administrators) ..........................................105 Using DHCP to configure the IP address ........................................................................................105 Using RARP to configure the IP address .................................................
Section I Network Operation Introduction Changing your machine’s network settings Configuring your machine for a wireless network Control panel setup Web Based Management Security features Troubleshooting I 2 4 7 30 42 54 76
1 Introduction 1 1 Network features 1 Your Brother machine can be shared on a 10/100 MB (Mbit/s) or 1GB (Gbit/s) wired, or IEEE 802.11b/g/n wireless network using the internal network print server. The print server supports various functions and methods of connection depending on the operating system you are running on a network supporting TCP/IP. The following chart shows what network features and connections are supported by each operating system.
Introduction Other Network features 1 1 Security 1 Your Brother machine employs some of the latest network security and encryption protocols available. (See Security features uu page 54.) Secure Function Lock 2.0 1 Secure Function Lock 2.0 increases security by restricting the use of functions. (See Secure Function Lock 2.0 uu page 46.
2 Changing your machine’s network settings 2 How to change your machine’s network settings (IP address, Subnet mask and Gateway) 2 The machine’s network settings can be changed using Web Based Management, the control panel, BRAdmin Light and BRAdmin Professional 3. Please read this chapter for details.
Changing your machine’s network settings Setting the IP address, Subnet Mask and Gateway using BRAdmin Light 2 Note • You can download Brother's latest BRAdmin Light utility from http://solutions.brother.com/. 2 • If you require more advanced machine management, use the latest version of BRAdmin Professional 3 utility that is available as a download from http://solutions.brother.com/. This utility is only available for Windows® users.
Changing your machine’s network settings • You can find the Node Name and MAC Address / Ethernet Address by printing the Network Configuration Report. (See Printing the Network Configuration Report uu page 37 for information on how to print the Network Configuration Report on your print server.) You can also find the MAC Address from the control panel. (See Chapter 4: Control panel setup.) d Choose STATIC from Boot Method. Enter the IP Address, Subnet Mask and Gateway (if needed) for your machine.
3 Configuring your machine for a wireless network 3 Overview 3 To connect your machine to your wireless network, we recommend following one of the setup methods outlined in the Quick Setup Guide. The wireless setup method using the installation CD-ROM and a USB cable is the easiest method for setup. 3 For additional wireless configuration methods please read this chapter for more details on how to configure the wireless network settings.
Configuring your machine for a wireless network Confirm your network environment 3 Connected to a computer with a WLAN access point/router in the network (Infrastructure mode) 3 3 1 4 2 3 1 WLAN access point/Router 1 1 If your computer supports Intel® MWT (My WiFi Technology), you can use your computer as a WPS (Wi-Fi Protected Setup) supported access point.
Configuring your machine for a wireless network Connected to a wireless capable computer without a WLAN access point/router in the network (Ad-hoc mode) 3 This type of network does not have a central WLAN access point/router. Each wireless client communicates directly with each other. When the Brother wireless machine (your machine) is part of this network, it receives all print jobs directly from the computer sending the print data.
Configuring your machine for a wireless network Wireless configuration temporarily using a USB cable (Recommended for Windows®) 3 It is recommended that you use a PC wirelessly connected to your network for this method. You can remotely configure the machine from the computer on the network using a USB cable (A) 1. 3 A 1 You can configure the wireless settings of the machine using a USB cable temporarily connected to a wired or wireless computer.
Configuring your machine for a wireless network If you are using Windows ® XP, Macintosh or using a network cable to connect your computer with your wireless access point/router, you need to know the SSID and Network Key of your WLAN access point/router before you proceed. Network name: (SSID) Network Key 3 For example: Network name: (SSID) Network Key HELLO 12345678 For an enterprise wireless network configuration 3 If you are configuring your machine for an IEEE 802.
Configuring your machine for a wireless network For example: Network name: (SSID) HELLO Communication Mode Authentication method Encryption mode User ID Password Infrastructure EAP-FAST/MS-CHAPv2 AES Brother 12345678 3 Note • If you configure your machine using EAP-TLS Authentication, you must install the Client Certificate issued by a CA (Certificate Authority) before you start configuration. Contact your network administrator about the Client Certificate.
Configuring your machine for a wireless network 2 Choose Wireless Network Connection and then click Next. c d Choose Yes, I have a USB cable to use for installation and then click Next. Follow the on-screen instructions to configure the wireless settings. Note • When the Available Wireless Networks screen appears, if your access point is set to not broadcast the SSID, you can manually add it by clicking the Advanced button. Follow the on-screen instructions for entering the Name (SSID).
Configuring your machine for a wireless network Configuration using the machine’s control panel Setup Wizard 3 You can use the machine’s control panel to configure your wireless network settings. By using the control panel Setup Wizard function, you can easily connect your Brother machine to your wireless network. 3 Important • You must know your wireless network settings before you proceed with this installation.
Configuring your machine for a wireless network Note If your access point/router uses WEP encryption, enter the key used as the first WEP key. Your Brother machine supports the use of the first WEP key only. b c Press Menu. d Press a or b to choose WLAN. Press OK. e Press a or b to choose Setup Wizard. Press OK. f When WLAN Enable? is displayed, press a or b to choose On and then press OK. This will start the wireless setup wizard. To cancel, press Cancel.
Configuring your machine for a wireless network (Windows®) You have completed the wireless network setup. If you would like to continue installing the printer driver, please choose Install Printer Driver from the CD-ROM menu. (Macintosh) You have completed the wireless network setup. If you would like to continue installing the printer driver, please choose Start Here OSX from the CD-ROM menu.
Configuring your machine for a wireless network e Press a or b to choose Setup Wizard. Press OK. f When WLAN Enable? is displayed, press a or b to choose On and then press OK. This will start the wireless setup wizard. To cancel, press Cancel. g The machine will search for your network and display a list of available SSIDs. Choose using a or b. Press OK. h Enter the SSID name. (For information on how to enter text: uu Quick Setup Guide.) Press OK.
Configuring your machine for a wireless network (Windows®) You have completed the wireless network setup. If you would like to continue installing the printer driver, please choose Install Printer Driver from the CD-ROM menu. (Macintosh) You have completed the wireless network setup. If you would like to continue installing the printer driver, please choose Start Here OSX from the CD-ROM menu.
Configuring your machine for a wireless network For example: Network name: (SSID) HELLO Communication Mode Authentication method Encryption mode User ID Password Infrastructure EAP-FAST/MS-CHAPv2 AES Brother 12345678 3 Note • If you configure your machine using EAP-TLS Authentication, you must install the Client Certificate issued by a CA (Certificate Authority) before you start configuration. Contact your network administrator about the Client Certificate.
Configuring your machine for a wireless network k Choose the Authentication method using a or b, and press OK. Do one of the following: If you chose LEAP, go to step q. If you chose EAP-FAST, go to step l. If you chose PEAP, go to step l. If you chose EAP-TTLS, go to step l. If you chose EAP-TLS, go to step m. l Choose the Inner Authentication method NONE, CHAP, MS-CHAP, MS-CHAPv2, GTC or PAP using a or b, and press OK. Go to step m.
Configuring your machine for a wireless network u If your wireless device is connected successfully, the display shows Connected. The machine will print your machine's wireless status report. If the connection failed, check the error code on the printed report and refer to uu Quick Setup Guide: Troubleshooting. (Windows®) You have completed the wireless network setup. If you would like to continue installing the printer driver, please choose Install Printer Driver from the CD-ROM menu.
Configuring your machine for a wireless network One push configuration using WPS (Wi-Fi Protected Setup) or AOSS™ 3 You can use WPS or AOSS™ from the control panel menu to configure your wireless network settings if your WLAN access point/router (A) supports either WPS (PBC 1) or AOSS™. 3 A 1 Push Button Configuration Important • If you are going to connect your Brother machine to your network, we recommend that you contact your system administrator prior to installation.
Configuring your machine for a wireless network f When the LCD shows Start WPS/AOSS on your wireless access point/router. Then press OK., press the WPS or AOSS™ button on your wireless access point/router. See the user's guide for your wireless access point/router for instructions. Then press OK and your machine will now automatically detect which mode (WPS or AOSS™) your wireless access point/router uses and try to connect to your wireless network.
Configuring your machine for a wireless network Configuration using the PIN Method of WPS (Wi-Fi Protected Setup) 3 If your WLAN access point/router supports WPS (PIN Method), you can configure the machine easily. The PIN (Personal Identification Number) Method is one of the connection methods developed by the Wi-Fi Alliance®. By inputting a PIN which is created by an Enrollee (your machine) to the Registrar (a device that manages the wireless LAN), you can setup the WLAN network and security settings.
Configuring your machine for a wireless network a b c d e Press Menu. f g The LCD will show an 8 digit PIN and the machine starts searching for a WLAN access point/router. Press a or b to choose Network. Press OK. Press a or b to choose WLAN. Press OK. Press a or b to choose WPS w/PIN Code. Press OK. 3 When WLAN Enable? is displayed, press a or b to choose On and then press OK. This will start the wireless setup wizard. To cancel, press Cancel.
Configuring your machine for a wireless network h 5 Choose your network that you want to connect to, and then click Next. 6 Click Close. If your wireless device is connected successfully, the display shows Connected. The machine will print your machine's wireless status report. If the connection failed, check the error code on the printed report and refer to uu Quick Setup Guide: Troubleshooting. 3 (Windows®) You have completed the wireless network setup.
Configuring your machine for a wireless network Configuration in Ad-hoc mode (For IEEE 802.11b) 3 Using configured SSID 3 If you are trying to pair the machine to a computer that is already in Ad-hoc mode with a configured SSID, you will need to complete the following steps: a 3 Before configuring your machine we recommend you write down your wireless network settings. You will need this information before you continue with the configuration.
Configuring your machine for a wireless network f When WLAN Enable? is displayed, press a or b to choose On and then press OK. This will start the wireless setup wizard. To cancel, press Cancel. g The machine will search for your network and display a list of available SSIDs. If a list of SSIDs is displayed, press a or b to choose the SSID you wrote down in step a. Press OK. Do one of the following: If your network key is already configured, go to step h.
Configuring your machine for a wireless network e When WLAN Enable? is displayed, press a or b to choose On and then press OK. This will start the wireless setup wizard. To cancel, press Cancel. f The machine will search for your network and display a list of available SSIDs. Choose using a or b. Press OK. g Enter the SSID name. (For information on how to enter text: uu Quick Setup Guide.) Press OK. h Using a or b, choose Ad-hoc when instructed. Press OK.
4 Control panel setup 4 Overview 4 The control panel of the HL-S7000DN has a backlit 16-character 5-line liquid crystal display (LCD), two light emitting diodes (LEDs), and several keys. 4 With the control panel you can do the following: Change the print server settings using the control panel 4 See Network menu uu page 31. Reset the network settings to the factory default 4 See Reset the network settings to the factory default uu page 36.
Control panel setup Network menu 4 The Network menu selections of the control panel allow you to set up the Brother machine for your network configuration. (For more information on how to use the control panel: uu User’s Guide.) Press Menu, then press a or b to choose Network. Proceed to the menu selection you wish to configure. (For additional information on the menu, see Function table and default factory settings uu page 39.
Control panel setup Subnet Mask 4 This field displays the current subnet mask used by the machine. If you are not using DHCP or BOOTP to obtain the subnet mask, enter the desired subnet mask. Check with your network administrator for the subnet mask to use. Gateway 4 This field displays the current gateway or router address used by the machine. If you are not using DHCP or BOOTP to obtain the gateway or router address, enter the address you wish to assign.
Control panel setup DNS Server 4 Primary DNS Server IP Address 4 This field specifies the IP address of the primary DNS (Domain Name System) server. Secondary DNS Server IP Address 4 This field specifies the IP address of the secondary DNS server. It is used as a backup to the Primary DNS server address. If the Primary server is unavailable, the machine will contact the Secondary DNS server.
Control panel setup Setup Wizard (wireless network only) 4 The Setup Wizard guides you through the wireless network configuration. (For more information: uu Quick Setup Guide or Manual configuration from the control panel uu page 14.) WPS (Wi-Fi Protected Setup)/AOSS™ (wireless network only) 4 If your WLAN access point/router supports either WPS (PBC 1) or AOSS™ (Automatic Wireless mode), you can configure the machine easily.
Control panel setup MAC Address 4 The MAC address is a unique number assigned for the machine's network interface. You can check your machine's MAC address from the control panel. Set to Default 4 The Set to Default allows you to reset each wired or wireless settings to the factory default. If you want to reset both wired and wireless settings, see Reset the network settings to the factory default uu page 36. Wired Enable 4 4 If you want to use the wired network connection, set Wired Enable to On.
Control panel setup Reset the network settings to the factory default 4 You can reset the print server back to its default factory settings (resetting all information such as the password and IP address information). Note • This function resets all wired and wireless network settings to the factory default. • You can also reset the print server back to its factory default settings using the BRAdmin applications or Web Based Management.
Control panel setup Printing the Network Configuration Report 4 Note Node name: The Node name appears on the Network Configuration Report. The default node name is “BRNxxxxxxxxxxxx” for a wired network or “BRWxxxxxxxxxxxx” for a wireless network. (“xxxxxxxxxxxx” is the last 6 figures of your machine’s MAC Address / Ethernet Address.) The Network Configuration Report prints a report listing all the current network configuration including the network print server settings. a b Press Menu.
Control panel setup Printing the WLAN report 4 The Print WLANReport prints your machine's wireless status report. If the wireless connection failed, check the error code on the printed report and refer to uu Quick Setup Guide: Troubleshooting. a b Press Menu. c Press a or b to choose Print WLANReport. Press OK. Press a or b to choose Machine Info. Press OK.
Control panel setup Function table and default factory settings 4 Factory settings are shown in Bold with asterisk. Main menu Submenu Menu Selections Network Wired LAN TCP/IP Options Boot Method Auto* Static RARP 4 BOOTP DHCP IP Address (000.000.000.000)* 1 Subnet Mask (000.000.000.000)* 1 Gateway (000.000.000.
Control panel setup Main menu Submenu Menu Selections Options Network Wired LAN MAC Address — (continued) (continued) Set to Default Restores wired network settings of the internal print server to the factory default. Wired Enable — — On* Off WLAN TCP/IP Boot Method Auto* 4 Static RARP BOOTP DHCP IP Address (000.000.000.000)* 1 Subnet Mask (000.000.000.000)* 1 Gateway (000.000.000.
Control panel setup Main menu Submenu Menu Selections Network WLAN WLAN Status (continued) (continued) Options Status Active(11n) Active(11b) Active(11g) Wired LAN Active WLAN OFF AOSS Active 4 Connection Fail Signal Channel (Appears only when WLAN Enable is On.) Speed SSID Comm. Mode Ad-hoc Infrastructure MAC Address — — Set to Default Restores wireless network settings of the internal print server to the factory default.
5 Web Based Management 5 Overview 5 A standard Web Browser can be used to manage your machine using the HTTP (Hyper Text Transfer Protocol) or HTTPS (Hyper Text Transfer Protocol over Secure Socket Layer). You can perform the function listed or get the following information from a machine on your network using a web browser.
Web Based Management How to configure the machine settings using Web Based Management (web browser) 5 A standard web browser can be used to change your print server settings using the HTTP (Hyper Text Transfer Protocol) or HTTPS (Hyper Text Transfer Protocol over Secure Socket Layer). Note • We recommend to use HTTPS protocol for your security when configuring the settings using Web Based Management.
Web Based Management Setting a password 5 We recommend setting a login password to prevent unauthorized access to the Web Based Management. a b c d Click Administrator. Enter the password you want to use (up to 32 characters). Re-enter the password in Confirm New Password box. Click Submit. From the next time you access the Web Based Management, enter the password in the Login box, and then click . After configuring the settings, logout by clicking .
Web Based Management Gigabit Ethernet (wired network only) 5 Your machine supports 1000BASE-T Gigabit Ethernet. To connect to a 1000BASE-T Gigabit Ethernet network, you must set the machine’s Ethernet link mode to Auto from the machine’s control panel or Auto from Web Based Management (web browser). 1000BASE-T Gigabit Ethernet network also allows you to use the Jumbo Frame feature. Jumbo frames are data packets that are larger than the standard Ethernet frame size (maximum 1,518 bytes).
Web Based Management Secure Function Lock 2.0 5 Secure Function Lock 2.0 from Brother helps you to save money and increase security by restricting the functions available on your Brother machine. Secure Function Lock allows you to configure passwords for selected users, granting them access to some, or all, of these functions, or limiting them to a page limit. This means that only authorized people can use them. You can configure and change the following Secure Function Lock 2.
Web Based Management b Click Submit. Restricting PC print by PC user login name 5 By configuring this setting, the machine can authenticate by PC user login name to allow a print job from a registered computer. a b c Click PC Print Restriction by Login Name. d Click Submit. Choose On from PC Print Restriction.
Web Based Management How to configure the SNTP protocol using Web Based Management 5 SNTP is the protocol used to synchronize the time used by the machine for authentication with the SNTP time server. a b c Click Network, and then click Protocol. Select the SNTP check box to activate the setting. Click Advanced Setting. Status 5 Displays whether the SNTP server settings are enabled or disabled. SNTP Server Method Choose AUTO or STATIC.
Web Based Management Store Print Log to Network 5 The Store Print Log to Network feature allows you to save the print log file from your Brother machine to a network server using CIFS 1. You can record the ID, type of print job, job name, user name, date, time and the number of printed pages for every print job. 1 CIFS is the Common Internet File System protocol that runs over TCP/IP allowing computers on a network to share files over an intranet or the Internet.
Web Based Management Auth. Method Choose the authentication method required for access to the CIFS server Auto, Kerberos 1 or NTLMv2 2. 1 Kerberos is an authentication protocol which allows devices or individuals to securely prove their identity to network servers using a single sign-on. 2 NTLMv2 is the authentication method used by Windows® to log into servers. • Auto: If you choose Auto, the machine will initially search for a Kerberos server.
Web Based Management a Choose Cancel Print or Ignore Log & Print in the Error Detection Setting of Store Print Log to Network. Cancel Print If you choose Cancel Print, the print jobs are canceled when the print log cannot be stored to the server. Ignore Log & Print If you choose Ignore Log & Print, the machine prints the document even if the print log cannot be stored to the server.
Web Based Management • The Username 1 and Password in Authentication Setting are correct. 1 If the username is part of a domain, please input the username in one of the following styles: user@domain or domain\user. • The time of the log file server matches the time from the SNTP server, or the Date&Time settings. • The SNTP time server settings are configured correctly so the time matches the time used for authentication by Kerberos or NTLMv2.
Web Based Management Storage Print 5 Storage Print allows you to store print jobs in the machine. You can configure the job type for each stored job, as well as confirm the percentage of memory available, the number of print jobs stored, the total number of jobs that can be stored, the remaining number of jobs that can be stored, and view the job list. a b Click Administrator on the machine’s web page, and then click Storage Print. Click an item below depending on your needs.
6 Security features 6 Overview 6 In today’s world there are many security threats to your network and the data that travels over it. Your Brother machine employs some of the latest network security and encryption protocols available today. These network features can be integrated into your overall network security plan to help protect your data and prevent unauthorized access to the machine. This chapter explains how to configure them.
Security features Managing your network machine securely using SSL/TLS 6 To manage your network machine securely, you need to use the management utilities with security protocols. Secure Management using Web Based Management (web browser) 6 We recommend to use HTTPS and SNMPv3 protocol for secure management. To use these protocols, the following machine settings are required. Note • The HTTPS protocol is enabled by default.
Security features Secure Management using BRAdmin Professional 3 (Windows®) 6 To use the BRAdmin Professional 3 utility securely, you need to follow the points below 6 We strongly recommend to use the latest version of the BRAdmin Professional 3 utility that is available as a download from http://solutions.brother.com/. If you use an older version of BRAdmin 1 to manage your Brother machines the user authentication will not be secure.
Security features h You can configure the SNMP settings from the screen below. 6 We have three SNMP connection modes of operation. 6 SNMP v1/v2c read-write access In this mode the print server uses version 1 and version 2c of the SNMP protocol. You can use all Brother applications under this mode. However, it is not secure since it will not authenticate the user and the data will not be encrypted.
Security features • Except for BRAdmin Professional 3, all applications that use SNMPv1/v2c will be restricted. To allow the use of SNMPv1/v2c applications, use SNMPv3 read-write access and v1/v2c read-only access or SNMP v1/v2c read-write access mode. • For more information, see the Help text in Web Based Management.
Security features Printing documents securely using SSL/TLS 6 We recommend to use IPPS protocol for secure management. To use the IPPS protocol, the following machine settings are required. Note • Communication using IPPS cannot prevent unauthorized access to the print server. • You must also install the certificate you have installed to the machine onto your computer. See How to install the self-signed certificate on your computer uu page 68. • The IPPS protocol must be enabled.
Security features Sending an E-mail securely 6 Configuration using Web Based Management (web browser) a b 6 Start your web browser. Type “http://machine’s IP address/” into your browser (where “machine’s IP address” is the machine’s IP address). For example: http://192.168.1.2/ c No password is required by default. Enter a password if you have set one and press d e f g Click Network. . 6 Click Protocol. Click Advanced Setting of POP3/SMTP and make sure that the status of POP3/SMTP is Enabled.
Security features Note • You can change the SMTP port number using Web Based Management. This is useful if your ISP (Internet Service Provider) implements the “Outbound Port 25 Blocking (OP25B)” service. • If you can use both POP before SMTP and SMTP-AUTH, we recommend choosing SMTP-AUTH. • If you choose POP before SMTP for the SMTP Server Authentication Method, you need to configure the POP3 settings. You can also use the APOP method if needed.
Security features Using IEEE 802.1x authentication 6 You can configure IEEE 802.1x authentication for a wired or a wireless network. IEEE 802.1x authentication configuration using Web Based Management (web browser) 6 If you are configuring IEEE 802.1x authentication for a wired or a wireless network using Web Based Management, follow the instructions. You can also configure IEEE 802.
Security features Note • If you are using a Domain Name System or enable a NetBIOS name, you can enter another name such as “SharedPrinter” instead of the IP address. • For example: http://SharedPrinter/ If you enable a NetBIOS name, you can also use the node name. • For example: http://brnxxxxxxxxxxxx/ The NetBIOS name can be seen in the Network Configuration Report. (To learn how to print the Network Configuration Report, see Printing the Network Configuration Report uu page 37.
Security features CA Cert. + ServerID The verification method to check the Common Name 1 value of the Server Certificate, in addition to the CA reliability of the Server Certificate. 1 g The Common Name verification compares the Common Name of the Server Certificate to the character string configured for the Server ID. Before you use this method, contact your system administrator about the Server Certificate’s Common Name and then configure Server ID. After configuring, click Submit.
Security features Using Certificates for device security 6 Your Brother machine supports the use of multiple security certificates allowing secure management, authentication and communication with the machine. The following security certificate features can be used with the machine. SSL/TLS communication IEEE 802.1x authentication SSL/TLS communication for SMTP/POP3 The Brother machine supports the following certificates. Pre-installed certificate Your machine has a pre-installed certificate.
Security features a b Start your web browser. Type “http://machine’s IP address/” into your browser (where “machine’s IP address” is the machine’s IP address). For example: http://192.168.1.2/ c No password is required by default. Enter a password if you have set one and press d e f g Click Network. . Click Security. Click Certificate. 6 You can configure the certificate settings from the screen below. Note • The functions that are grayed and unlinked indicate they are not available.
Security features Creating and installing a certificate 6 Step by step chart for creating and installing a certificate self-signed certificate or 6 certificate from a CA Create a self-signed certificate using Web Based Management. (See page 67.) Create a CSR using Web Based Management. (See page 72.) Install the self-signed certificate to your computer. (See page 68.) Install the certificate issued by the CA to your Brother machine using Web Based Management. (See page 73.
Security features How to install the self-signed certificate on your computer 6 Note The following steps are for Windows® Internet Explorer®. If you use another web browser, follow the help text of the web browser itself. For Windows Vista®, Windows® 7 and Windows Server® 2008 users that have administrator rights a Click the b Right-click Internet Explorer, and then click Run as administrator. 6 button and All Programs.
Security features 6 d Click Certificate Error, and then click View certificates. For the rest of the instructions, follow the steps from step d in For Windows® XP and Windows Server® 2003 users uu page 69. For Windows® XP and Windows Server® 2003 users a b Start your web browser.
Security features d Click Install Certificate from the General tab. e When the Certificate Import Wizard appears, click Next.
Security features f Choose Place all certificates in the following store and then click Browse. 6 g Choose Trusted Root Certification Authorities and then click OK. h Click Next. i Click Finish.
Security features j Click Yes, if the fingerprint (thumbprint) is correct. Note The fingerprint (thumbprint) is printed on the Network Configuration Report. (To learn how to print the Network Configuration Report, see Printing the Network Configuration Report uu page 37.) k l 6 Click OK. The self-signed certificate is now installed on your computer, and SSL/TLS communication is available. How to create a CSR a b 6 Click Create CSR on the Certificate page.
Security features f The CSR is created. Note • Follow your CA policy regarding the method to send a CSR to your CA. • If you are using Enterprise root CA of Windows Server® 2003/2008, we recommend using the Web Server for the certificate template when creating the Client Certificate for secure management. If you are creating a Client Certificate for an IEEE 802.1x environment with EAP-TLS authentication, we recommend using User for the certificate template.
Security features c d Enter the password if the file is encrypted, and then click Submit. Now the certificate and private key are imported to your machine successfully. To use SSL/TLS communication, the Root Certificate from the CA needs to also be installed on your computer. Contact your network administrator about the installation. How to export the self-signed certificate, the certificate issued by a CA, and the private key a b 6 Click Export shown with Certificate List on the Certificate page.
Security features Managing multiple certificates 6 This multiple certificate feature allows you to manage each certificate that you have installed using Web Based Management. After installing certificates, you can view which certificates are installed from the Certificate page and then view each certificate's content, delete or export the certificate. For information on how to access the Certificate page, see Configure certificate using Web Based Management uu page 65.
7 Troubleshooting 7 Overview 7 This chapter explains how to resolve typical network problems you may encounter when using the Brother machine. If, after reading this chapter, you are unable to resolve your problem, please visit the Brother Solutions Center at: http://solutions.brother.com/. Please go to the Brother Solutions Center at http://solutions.brother.com/ and click Manuals on your model page to download the other manuals.
Troubleshooting I cannot complete the wireless network setup configuration. (continued) Question Interface Solution Are your security settings (SSID/Network Key) correct? wireless Confirm the security settings using the Wireless Setup Helper utility. For more information and to download the utility, see your models' Download page at http://solutions.brother.com/. Reconfirm and choose the correct security settings. • The manufacturer's name or model no.
Troubleshooting Brother machine is not found on the network during the printer driver installation. (continued) Question Interface Solution Is there a wireless computer, Bluetooth supported device, microwave oven or digital cordless phone near the Brother machine or the WLAN access point/router? wireless Move all the devices away from the Brother machine or WLAN access point/router. Brother machine cannot print over the network.
Troubleshooting Brother machine cannot print over the network. Brother machine is not found on the network even after the successful installation. (continued) Question Interface Solution Is your Brother machine assigned with an available IP address? wired/ wireless (continued) 1 (Windows® XP, Windows Server® 2003/2008) Click the Start button, All Programs, Accessories and Windows Explorer, and then My Computer. (Windows Vista ®/Windows® 7) Click the button and Computer.
Troubleshooting Brother machine cannot print over the network. Brother machine is not found on the network even after the successful installation. (continued) Question Interface Solution Did your previous printing job fail? wired/ wireless If the failed printing job is still in the print queue of your computer, delete it.
Troubleshooting I want to check my network devices are working properly. Question Interface Solution Is your Brother machine, access point/router or network hub turned on? wired/ wireless Make sure you have confirmed all instructions in First check the following: uu page 76. Where can I find my Brother machine's network settings, such as IP address? wired/ wireless Print the Network Configuration Report. See Printing the Network Configuration Report uu page 37.
Section II Network Glossary Types of network connections and protocols Configuring your machine for a network Wireless network terms and concepts Additional network settings from Windows® Security terms and concepts II 83 88 92 96 100
8 Types of network connections and protocols 8 Types of network connections 8 Wired network connection example 8 Peer-to-Peer printing using TCP/IP 8 In a Peer-to-Peer environment, each computer directly sends and receives data to each device. There is no central server controlling file access or machine sharing.
Types of network connections and protocols 1 Client computer 8 2 Also known as “Server” or “Print server” 3 TCP/IP, USB or parallel (where available) 4 Network machine (your machine) In a larger network, we recommend a Network Shared printing environment. The “server” or the “print server” must use the TCP/IP print protocol. The Brother machine needs to have an appropriate IP address configuration unless the machine is connected via the USB or the parallel interface at the server.
Types of network connections and protocols Protocols 8 TCP/IP protocols and functions 8 Protocols are the standardized sets of rules for transmitting data on a network. Protocols allow users to gain access to network connected resources. The print server used on the Brother machine supports the TCP/IP (Transmission Control Protocol/Internet Protocol) protocol. TCP/IP is the most popular set of protocols used for communication such as Internet and E-mail.
Types of network connections and protocols WINS 8 Windows® Internet Name Service is an information providing service for the NetBIOS name resolution by consolidating an IP address and a NetBIOS name that is in the local network. LPR/LPD 8 Commonly used printing protocols on a TCP/IP network. SMTP client 8 Simple Mail Transfer Protocol (SMTP) client is used to send E-mails via the Internet or Intranet.
Types of network connections and protocols Web Services 8 The Web Services protocol enables Windows Vista® or Windows® 7 users to install the drivers used for printing by right-clicking the machine icon from the Network folder. (See Installing the driver used for printing via Web Services (Windows Vista® and Windows® 7) uu page 97.) The Web Services also lets you check the current status of the machine from your computer.
9 Configuring your machine for a network 9 IP addresses, subnet masks and gateways 9 To use the machine in a networked TCP/IP environment, you need to configure its IP address and subnet mask. The IP address you assign to the print server must be on the same logical network as your host computers. If it is not, you must properly configure the subnet mask and the gateway address. IP address 9 An IP address is a series of numbers that identifies each device connected to a network.
Configuring your machine for a network Subnet Mask: 255.255.255.000 Where the 0 is in the Subnet mask, there is no limit to communication at this part of the address. What this means in the above example is, we can communicate with any device that has an IP address that begins with 192.168.1.x. (where x. are numbers between 0 and 255). Gateway (and router) 9 A gateway is a network point that acts as an entrance to another network and sends data transmitted via the network to an exact destination.
Configuring your machine for a network IEEE 802.1x Authentication 9 IEEE 802.1x is an IEEE standard for wired and wireless networks that limits access from unauthorized network devices. Your Brother machine (supplicant) sends an authentication request to a RADIUS server (Authentication server) through your access point (Authenticator). After your request has been verified by the RADIUS server, your machine can access the network.
Configuring your machine for a network EAP-TLS EAP-TLS (Extensible Authentication Protocol-Transport Layer Security) requires digital certificate authentication both at a client and an authentication server.
10 Wireless network terms and concepts 10 Specifying your network 10 SSID (Service Set Identifier) and channels 10 You need to configure the SSID and a channel to specify the wireless network you want to connect to. SSID Each wireless network has its own unique network name, technically referred to as an SSID. The SSID is a 32-byte or less value and is assigned to the access point. The wireless network devices you want to associate to the wireless network should match the access point.
Wireless network terms and concepts Security terms 10 Authentication and encryption 10 Most wireless networks use some kind of security settings. These security settings define the authentication (how the device identifies itself to the network) and encryption (how the data is encrypted as it is sent on the network). If you do not correctly specify these options when you are configuring your Brother wireless machine, it will not be able to connect to the wireless network.
Wireless network terms and concepts Note • IEEE 802.11n does not support WEP or TKIP for the encryption method. • If you want to connect to your wireless network using IEEE 802.11n, we recommend to choose AES. Network Key 10 Open system/Shared key with WEP This key is a 64-bit or 128-bit value that must be entered in an ASCII or hexadecimal format. • 64 (40) bit ASCII: Uses 5 text characters. e.g. “WSLAN” (this is case sensitive) • 64 (40) bit hexadecimal: Uses 10 digits of hexadecimal data. e.g.
Wireless network terms and concepts Encryption methods 10 TKIP For TKIP, see TKIP uu page 93. AES For AES, see AES uu page 93. CKIP The original Key Integrity Protocol for LEAP by Cisco Systems, Inc. User ID and password 10 The following security methods use a user ID less than 64 characters and a password of less than 32 characters in length.
11 Additional network settings from Windows® Types of additional network settings 11 11 The following features are available to use if you want to configure additional network settings. Web Services for printing (Windows Vista® and Windows ® 7) Vertical Pairing (Windows® 7) Note Verify the host computer and the machine are either on the same subnet, or that the router is properly configured to pass data between the two devices.
Additional network settings from Windows® Installing the driver used for printing via Web Services (Windows Vista® and Windows® 7) 11 The Web Services feature allows you to monitor machines on the network. This also simplifies the driver installation process. The driver used for printing via Web Services can be installed by right-clicking the printer icon on the computer, and the computer’s Web Services port (WSD port) will be created automatically.
Additional network settings from Windows® Uninstalling the driver used for printing via Web Services (Windows Vista® and Windows® 7) 11 To uninstall Web Services from a computer, follow the instructions below. a (Windows Vista®) Click , then choose Network. (Windows® 7) Click 1 , Control Panel, Network and Internet 1 and then View network computers and devices. In order to display Network and Internet, select Category in the View by box in control panel.
Additional network settings from Windows® Network printing installation for Infrastructure mode when using Vertical Pairing (Windows® 7) 11 Windows® Vertical Pairing is a technology to allow your Vertical Pairing supported wireless machine to connect to your Infrastructure network using the PIN Method of WPS and the Web Services feature. This also enables the printer driver installation from the printer icon that is in the Add a device screen.
12 Security terms and concepts 12 Security features 12 Security terms 12 CA (Certificate Authority) A CA is an entity that issues digital certificates (especially X.509 certificates) and vouches for the binding between the data items in a certificate. CSR (Certificate Signing Request) A CSR is a message sent from an applicant to a CA in order to apply for issue of a certificate.
Security terms and concepts IPPS 12 A secure version of the Internet Printing Protocol (IPP Version 1.0), which uses SSL/TLS. SNMPv3 12 The Simple Network Management Protocol version 3 (SNMPv3) provides user authentication and data encryption to manage network devices securely. IPsec 12 IPsec is an optional security feature of the IP protocol that provides authentication and encryption services.
Section III Appendixes Appendix A Appendix B III 103 104
A Appendix A A Supported protocols and security features Interface Ethernet 10BASE-T, 100BASE-TX, 1000BASE-T Wireless IEEE 802.11b/g/n (Infrastructure Mode) A IEEE 802.
B Appendix B B Using services B A service is a resource that can be accessed by computers that wish to print to the Brother print server. The Brother print server provides the following predefined services (do a SHOW SERVICE command in the Brother print server remote console to see a list of available services): Enter HELP at the command prompt for a list of supported commands.
Appendix B Other ways to set the IP address (for advanced users and administrators) B Using DHCP to configure the IP address B The Dynamic Host Configuration Protocol (DHCP) is one of several automated mechanisms for IP address allocation. If you have a DHCP server on your network, the print server will automatically obtain its IP address from the DHCP server and register its name with any RFC 1001 and 1002-compliant dynamic name services.
Appendix B on your host computer (it should appear in the /etc/services file on your host as a real service; type man bootpd or refer to your system documentation for information). BOOTP is usually started up via the /etc/inetd.conf file, so you may need to enable it by removing the “#” in front of the bootp entry in that file. For example, a typical bootp entry in the /etc/inetd.
Appendix B Where ethernetaddress is the MAC Address / Ethernet Address of the print server and ipaddress is the IP address of the print server. For example: Windows® systems Windows® systems require the dash “-” character between each digit of the MAC Address / Ethernet Address. arp -s 192.168.1.2 00-80-77-31-01-07 ping 192.168.1.2 UNIX®/Linux systems Typically, UNIX and Linux systems require the colon “:” character between each digit of the MAC Address / Ethernet Address. arp -s 192.168.1.
Appendix B You will now need to set the subnet mask by typing SET IP SUBNET subnet mask, where subnet mask is the desired subnet mask you wish to assign to the print server (check with your network administrator for the subnet mask to use). For example: Local> SET IP SUBNET 255.255.255.0 If you do not have any subnets, use one of the following default subnet masks: 255.0.0.0 for class A networks 255.255.0.0 for class B networks 255.255.255.
C Index A G Ad-hoc mode .........................................................9, 27 AES ........................................................................... 93 AOSS™ ..............................................................22, 34 APIPA ........................................................ 33, 85, 106 APOP ...................................................................... 101 ARP ...................................................................85, 106 Authentication ..............
Index POP before SMTP ............................................60, 101 POP over SSL/TLS ................................................. 101 Port 9100 .................................................................. 86 POSTSCRIPT_P1 ................................................... 104 Protocol ..................................................................... 85 Public key cryptosystem ......................................... 100 R RARP ........................................................
Brother International Corporation 100 Somerset Corporate Boulevard P.O. Box 6911 Bridgewater, NJ 08807–0911 USA Brother International Corporation (Canada) Ltd. 1 rue Hôtel de Ville, Dollard-des-Ormeaux, QC, CANADA H9B 3H6 Visit us on the World Wide Web http://www.brother.com/ This product is approved for use in the country of purchase only. Local Brother companies or their dealers will only support machines purchased in their own countries. www.brotherearth.
