User manual

ManualsBrandsSEH ManualsComputer equipmentTPG-65

ThinPrint® Gateway

TPG-25 / TPG-65

User Manual

Summary of content (107 pages)

PAGE 1
ThinPrint® Gateway TPG-25 / TPG-65 User Manual
PAGE 2
Manufacturer: SEH Computertechnik GmbH Suedring 11 33647 Bielefeld Germany Phone: +49 (0)521 94226-29 Fax: +49 (0)521 94226-99 Support: +49 (0)521 94226-44 Email: info@seh.de Web: http://www.seh.de Document: Type: User Manual Title: TPG-25 / TPG-65 Version: 1.0 Online Links to Important Websites: Support Contacts & Information: http://www.seh-technology.com/support Sales Contacts & Information: http://www.seh-technology.com/sales Downloads: http://www.seh-technology.com/services/ downloads/tpg.
PAGE 3
Table of Contents 1 General Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.1 ThinPrint® Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 1.2 Documentation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 1.3 Support and Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 1.4 Your Safety . . . . . . . .
PAGE 4
5 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 5.1 How to Control the Access to the TPG Control Center . . . . . . . . . . . . . . 52 5.2 How to Control the Access to the TPG (TCP Port Access Control). . . . 53 5.3 How to Use Certificates Correctly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 5.4 How to Use Authentication Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 6 Maintenance. . . . . . .
PAGE 5
General Information 1 General Information What information do you need? This chapter contains information concerning the device and the documentation as well as notes about your safety. You will learn how to benefit from your ThinPrint® Gateway and how to operate the device properly.
PAGE 6
General Information 1.1 What is ThinPrint®? ThinPrint® Gateway ThinPrint® is a software-based technology providing print job compression and bandwidth control for network printing. The data traffic between the application server or the print server and the local printer is reduced considerably and networks are relieved. The ThinPrint technology enables the transmission of compressed and bandwidth-optimized print jobs within a network. Print jobs are compressed using the server component of the .
PAGE 7
General Information Features The TPG supports the following features (amongst others): • The feature AutoConnect allows you to automatically create the required printer objects for the relevant client on the server. AutoConnect will automatically connect all selected printers on the server with a ThinPrint port; provided that templates exist. • The ThinPrint Connection Service allows you to print to ThinPrint clients, that are found behind a firewall, for example.
PAGE 8
General Information 1.2 The TPG documentation consists of the following documents: HT M L HT M L Pr in t PD ed F PD F Structure of the Documentation Documentation Document Features User Documentation Detailed description of the TPG configuration and administration. Quick Installation Guide Information about security, hardware installation, and the initial operation procedure.
PAGE 9
General Information Symbols and Conventions A variety of symbols are used within this document. Their meaning is listed in the following table: Table 1: Conventions within the documentation Symbol / Convention Description Warning A warning contains important information that must be heeded. Non-observance may lead to malfunctions. Note Proceed as follows: 1. Mark ... The ‘hand’ symbol marks the beginning of instructions. Individual instructions are set in italics.
PAGE 10
General Information 1.3 Support Current Services Support and Service If questions remain, please contact our Computertechnik GmbH offers extensive support. Monday through Thursday Friday ℡ +49 (0)521 94226-44 @ support@seh.de hotline. SEH from 8:00 a.m. to 4:45 p.m. and from 8:00 a.m. to 3:15 p.m. (CET) The following services can be found on the SEH Computertechnik GmbH homepage: http://www.seh-technology.
PAGE 11
General Information 1.4 Your Safety Read and observe all safety regulations and warnings found in the documentation, on the device and on the packaging. This will avoid potential misuse and prevent damages to people and devices. SEH Computertechnik GmbH will not accept any liability for personal injuries, property damages and consequential damages resulting from the non-observance of the mentioned safety regulations and warnings. Non-observance will result in the warranty claims becoming void.
PAGE 12
General Information 1.5 First Steps This section provides all the information that you need for a fast operational readiness. 1. 2. 3. 4. 5. ª TPG User Manual Proceed as follows: Read and observe the security regulations in order to avoid damages to people and devices, see: Ö 11. Carry out the hardware installation. The hardware installation comprises the connection of the ISD to the network and the mains supply; see: 'Quick Installation Guide'.
PAGE 13
General Information 1.6 Saving the IP Address in the TPG Why IP Addresses? An IP address is used to address network devices in an IP network. TCP/IP network protocols require the storing of the IP address in the TPG so that the device can be addressed within the network. How Does the TPG Obtain IP Addresses? TPG are shipped without an IP address. The TPG is able to assign itself an IP address during the initial installation. Boot protocols are used to assign an IP address automatically to the TPG.
PAGE 14
General Information ZeroConf If no IP address can be assigned via boot protocols, the TPG assigns itself an IP address via ZeroConf. For this purpose, the TPG picks an IP address at random from the address range (169.254.0.0/16) which is reserved for ZeroConf. You can use the domain name service of Bonjour for the name resolution of the IP address; see: Ö 35. BOOTP The TPG supports BOOTP, which means that the IP address of the TPG can be assigned via a BOOTP server.
PAGE 15
General Information Auto Configuration (IPv6 Standard) The TPG can have an IPv4 address and several IPv6 addresses at the same time. The IPv6 standard is used to automatically assign IP addresses in IPv6 networks. When connected to an IPv6 network, the TPG will automatically obtain an additional 'link-local' IPv6 address from the IPv6 address range. The TPG uses the 'link-local' IP address to search for a router. The TPG sends so-called 'Router Solicitations' (RS) to the special multicast address FF02::2.
PAGE 16
General Information ARP/PING The assignment of the IP address to the hardware address can be done via the ARP table. The ARP table is an internal system file in which the assignment is temporarily saved (about 15 min). This table is administered by the ARP protocol. By means of the 'arp' and 'ping' commands, you can save the IP address in the TPG. If the TPG already has an IP address, the 'arp' and 'ping' commands cannot be used to save a new IP address. However, an IP address from the address range (169.
PAGE 17
Administration Methods 2 Administration Methods You can administer and configure the TPG in a number of ways. The following chapter gives you an overview of the various administration options. You will get information on when to use these methods and which functions these methods support.
PAGE 18
Administration Methods 2.1 Which Functions Are Supported? Administration via the TPG Control Center The TPG Control Center comprises all features for the administration of the TPG. The TPG Control Center is stored in the TPG and can be displayed by means of a browser software (Internet Explorer, Firefox, Safari). Requirements ; The TPG is connected to the network and the mains voltage. ; The TPG has a valid IP address. Starting the TPG Control Center Proceed as follows: 1. Open your browser. 2.
PAGE 19
Administration Methods Fig. 1: TPG Control Center - START Structure of the TPG Control Center The available menu items are located in the navigation bar (top). After selecting a menu item (simple mouse click), the available submenu items are displayed at the left. After selecting a submenu item, the corresponding page with its content is displayed (at the right). You can set the language via the menu item START. Simply select the relevant flag.
PAGE 20
Administration Methods 2.2 Administration via the InterCon-NetTool The software InterCon-NetTool has been developed by SEH Computertechnik GmbH for the administration of SEH network devices (TPG, TPR, print server, etc.). Depending on the network device you can configure various features via the InterCon-NetTool. Mode of Operation After the InterCon-NetTool is started, the network will be scanned for connected network devices. The network range to be scanned is freely definable.
PAGE 21
Administration Methods Structure of the InterCon-NetTool After the program start you will see the main dialog with the following elements. The dialog may vary, depending on which elements you have chosen to be shown or hidden. Menu bar Filter for the device list Toolbar Device list Shortcut menu Fig.
PAGE 22
Administration Methods 2.3 Administration via Email You can administer the TPG via email and thus via any computer with Internet access. Functionalities An email allows you to • send TPG status information • specify TPG parameters or • perform an update on the TPG. Requirements ; In order to receive emails, the TPG must be set up as user with its own email address on a POP3 server. ; A DNS server has been configured on the TPG; see: Ö 30.
PAGE 23
Administration Methods The following commands are supported: Commands Option Description get status Sends the status page of the TPG. get parameters Sends the parameter list of the TPG. set parameters Sends parameters to the TPG. The syntax and values can be obtained from Ö the parameter list, see: 87. Parameter and value must be entered into the email body. update tpg Carries out an automatic update using the software that is attached to the email.
PAGE 24
Administration Methods Example 1 This email causes the TPG to send the parameter list to the sender of the email. Email address of the TPG as configured on the POP3 server. Command Fig. 3: Administration via Email - Example 1 Example 2 This email configures the parameter 'Description' on the TPG. Email address of the TPG as configured on the POP3 server. Command TAN Parameter and parameter value Fig. 4: Administration via Email - Example 2 2.
PAGE 25
Network and Device Settings 3 Network and Device Settings What information do you need? You can define various settings for an ideal integration of the TPG into a network. You can also configure various device settings. This chapter describes which network and device settings are supported.
PAGE 26
Network and Device Settings 3.1 How to Configure IPv4 Parameters TCP/IP (Transmission Control Protocol over Internet Protocol) forwards data packets across several connections and establishes a connection between the network participants. The boot protocols DHCP and BOOTP belong to the TCP/IP protocol family. You can define various IPv4 parameters for an ideal integration of your TPG into a TCP/IP network. For further information about the assignment of IP addresses, see: Ö 13.
PAGE 27
Network and Device Settings Configuring IPv4 Parameters via the InterCon-NetTool Requirements ; The InterCon-NetTool is installed on the client, see: Ö 20. ; The network scan via Multicast has been enabled in the InterCon-NetTool. ; The router in the network forwards multicast requests. Proceed as follows: 1. Start the InterCon-NetTool. 2. Highlight the TPG in the device list. The TPG is displayed in the device list under 'ZeroConf' with an IP address from the address range (169.254.0.
PAGE 28
Network and Device Settings 3.2 How to Configure IPv6 Parameters You can integrate the TPG into an IPv6 network. What are the Advantages of IPv6? IPv6 (Internet Protocol version 6) is the successor of the more common IPv4. Both protocols are standards for the network layer of the OSI model and regulate the addressing and routing of data packets via a network.
PAGE 29
Network and Device Settings The URL will only be accepted by browsers that support IPv6. Which Types of IPv6 Addresses are available? There are different types of IPv6 addresses. The prefixes of the IPv6 addresses provide information about the IPv6 address types. • Unicast addresses can be routed globally. These addresses are unique and therefore unambiguous. A packet that is sent to a unicast address will only arrive to the interface that is assigned to this address.
PAGE 30
Network and Device Settings Table 3: IPv6 Parameters Parameters Description IPv6 Enables/disables the IPv6 functionality of the TPG. Automatic configuration Enables/disables the automatic assignment of the IPv6 address for the TPG. IPv6 address Defines a manually assigned IPv6 Unicast address in the n:n:n:n:n:n:n:n format for the TPG. Every 'n' represents the hexadecimal value of one of the eight 16 bit elements of the address.
PAGE 31
Network and Device Settings Table 4: DNS Parameters Parameters Description DNS Enables/disables DNS. Primary DNS server Defines the IP address of the primary DNS server (e.g. 192.168.0.21). Secondary DNS server Defines the IP address of the secondary DNS server. The secondary DNS server is used if the first one is not available. Domain name (suffix) Defines the domain name of an existing DNS server (e.g. company.de). 3.
PAGE 32
Network and Device Settings 1. 2. 3. 4. ª Proceed as follows: Start the TPG Control Center. Select NETWORK - SNMP. Configure the SNMP parameters; see: Table 5 Ö 32. Click Save & Restart to confirm. The settings are saved. Table 5: SNMP Parameters Parameters Description SNMPv1 Enables/disables SNMPv1. Read-only Enables/disables the write protection for the community.
PAGE 33
Network and Device Settings SMTP What do you want to do? 'SMTP' (Simple Mail Transfer Protocol) is a protocol that controls the sending of emails in networks. SMTP is required in the TPG to administer the TPG via email and to run the notification service. ’Configuring POP3’ Ö 33 ’Configuring SMTP’ Ö 34 Configuring POP3 1. 2. 3. 4. ª Proceed as follows: Start the TPG Control Center. Select NETWORK - Email. Configure the POP3 parameters; see: Table 6 Ö 33. Click Save & Restart to confirm.
PAGE 34
Network and Device Settings Configuring SMTP 1. 2. 3. 4. ª Proceed as follows: Start the TPG Control Center. Select NETWORK - Email. Configure the SMTP parameters; see: Table 7 Ö 34. Click Save & Restart to confirm. The settings are saved. Table 7: SMTP Parameters Parameters Description SMTP - Server name Defines the name of the SMTP server. SMTP - Server port Defines the port number used by the TPG to send emails to the SMTP server. The port number 25 is preset. SMTP - TLS Enables/disables TLS.
PAGE 35
Network and Device Settings 3.6 How to Configure Bonjour Bonjour allows the automatic recognition of computers, devices, and network services in TCP/IP-based networks. The TPG uses the following Bonjour functions: • Checking the IP address assigned via ZeroConf • Assignment of host names to IP addresses • Location of server services without knowledge of the device’s host name or IP address. When checking the IP address assigned via ZeroConf (see: ’ZeroConf’ Ö 14) the TPG sends a query to the network.
PAGE 36
Network and Device Settings Table 8: Bonjour Parameters Parameters Description Bonjour Enables/disables Bonjour. Bonjour name Defines the Bonjour name of the TPG. The TPG uses this name for its Bonjour services. If no Bonjour name is entered, the default name will be used (device name@ICxxxxxx). 3.7 How to Configure the Device Time You can set the time of the TPG via a time server (SNTP server) in the network.
PAGE 37
Network and Device Settings 4. Enter the IP address or the host name of the time server into the Time server box. (A host name can only be used if a DNS server was configured beforehand.) 5. Select the code for your local time zone from the Time zone list. 6. Click Save & Restart to confirm. ª The settings are saved. 3.8 How to Determine a Description You can assign freely definable descriptions to the TPG. This gives you a better overview of the devices available in the network. 1. 2. 3. 4.
PAGE 38
Network and Device Settings 3.9 How to Use the Notification Service You can get notifications in the form of emails or SNMP traps from the TPG. By means of these notifications up to four email recipients can be informed about various events irrespective of time and location. The following message types are possible: • The status email periodically informs the recipient about the status of the TPG. • The event notification informs you about a specific event on the TPG via email or SNMP trap.
PAGE 39
Network and Device Settings 5. Specify the sending interval in the Status notification time area. 6. Click Save & Restart to confirm. ª The settings are saved. Configuring event notifications via email Requirements ; SMTP parameters can be configured on the TPG, see: Ö 32. ; A DNS server has been configured on the TPG; see: Ö 30. For the notification service you can specify up to two email recipients and the message types. 1. 2. 3. 4. 5. ª Proceed as follows: Start the TPG Control Center.
PAGE 40
ThinPrint Settings 4 ThinPrint Settings What information do you need? You must define the port, the bandwidth as well as the printer and the printer properties if you want the TPG to communicate with a ThinPrint server via a port or if you want the TPG to receive and forward print jobs. This chapter describes how to match the parameter values in an ideal way.
PAGE 41
ThinPrint Settings 4.1 How to Define the ThinPrint Port In ThinPrint environments, printing is done to a TCP/IP port via a socket connection. The port number of the TPG must be identical to the port number that was defined for the ThinPrint server. Port 4000 is preset. You can change the port number, if necessary. 1. 2. 3. 4. ª Proceed as follows: Start the TPG Control Center. Select DEVICE – ThinPrint®. Enter the port number into the ThinPrint® port box. Click Save & Restart to confirm.
PAGE 42
ThinPrint Settings 4.3 How to Embed Printers Print jobs are sent from the ThinPrint server to the TPG. After the decompression of the print jobs, the TPG forwards the print jobs to the printers. The print jobs are assigned via the printer ID. Up to two (TPG-25) or six (TPG-65) network printers can be embedded via the TPG. When integrating the connected network printers you must define the printer parameters (name, class, driver, address) and a transfer method.
PAGE 43
ThinPrint Settings The support of the transfer methods depends on the printer. Consult your printer manual for more information. 1. 2. 3. 4. 5. ª Proceed as follows: Start the TPG Control Center. Select DEVICE – ThinPrint®. Enter the printer parameters into the boxes; see: Table 9 Ö 43. Select a transfer method for every printer. Click Save & Restart to confirm. The settings are saved.
PAGE 44
ThinPrint Settings Parameters Description Port Defines the port number for RAW/socket printing. (Default = 9100) Is used when selecting 'RAW' as the transfer method. URL Specifies the second part of the printer URL for IPP printing. (Default = ipp/lp1) Is used when selecting 'IPP' as the transfer method. SSL Enables/disables the SSL/TLS encryption for IPP printing. Is used when selecting 'IPP' as the transfer method. LPD Queue Defines the queue name for LPD printing.
PAGE 45
ThinPrint Settings 1. 2. 3. 4. ª Proceed as follows: Start the TPG Control Center. Select DEVICE – ThinPrint®. In the Printer connection timeout and Job sending timeout fields, enter the periods of time in seconds after which the timeouts should take effect (0 s = off). Click Save & Restart to confirm. The settings are saved. 4.5 How to Get Status Information on the Printer Connections You can view the connection status of the embedded printers.
PAGE 46
ThinPrint Settings Configuring a 'ping' Query via the TPG Control Center 1. 2. 3. 4. 5. ª Proceed as follows: Start the TPG Control Center. Select DEVICE – ThinPrint® printer. Tick Monitoring via ping. Enter the interval (in seconds) into the Monitoring interval box. Click Save & Restart to confirm. The settings are saved. Displaying the Printer Connection Status via the TPG Control Center Proceed as follows: 1. Start the TPG Control Center. 2. Select DEVICE - ThinPrint® printer.
PAGE 47
ThinPrint Settings 4.6 How to get Printer Messages You can view printer error messages (Paper empty, Offline, Paper jam, etc.) and printer status messages (idle, printing, warming up, etc.). In order to get printer messages, you must configure an SNMP query beforehand. Not all printers support SNMP. Consult your printer manual for more information.
PAGE 48
ThinPrint Settings 4.7 How to Use the ThinPrint Connection Service The ThinPrint Connection Service sends print jobs via TCP/IP to ThinPrint clients (i.e. the TPG) in masked networks (NAT). The Connection Service manages the entire communication between the ThinPrint server and the corresponding client. This allows the connection via masked networks as well as the assignment of the relevant print job to the respective end device. To use this service, you must prepare the TPG.
PAGE 49
ThinPrint Settings Parameters Description Client ID Client ID as stored in the database of the Connection Service. The Connection Service needs the Client ID to send print jobs to the TPG. Authentication key Authentication key as stored in the database of the Connection Service. Keep alive Interval (in seconds) after which the connection to the Connection Service is refreshed. The value has to be equal to or lower than the 'KeepAliveTO' value set on the Connection Service server.
PAGE 50
ThinPrint Settings 4.8 How Does the TPG Receive Encrypted Data? A secure connection during the transfer of print jobs between ThinPrint (server or Connection Service) and the TPG is guaranteed by means of an SSL/TLS encryption. The ThinPrint server requests a certificate from the TPG. By means of this certificate, the ThinPrint server checks whether the TPG is authorized to receive the print data.
PAGE 51
Security 5 Security A number of security mechanisms are available to ensure optimum security for the TPG. This chapter describes how to make use of these security mechanisms.
PAGE 52
Security 5.1 How to Control the Access to the TPG Control Center You are able to restrict the administrative web access to the TPG Control Center with a password or by selecting the permitted types of connection. What do you want to do? ’Specifying the Permitted Web Connection Type’ Ö 52 ’Protecting the web access via a password’ Ö 53 The TPG Control Center can also be protected by the SNMP security concept. The concept includes administration of user groups and access rights.
PAGE 53
Security Protecting the web access via a password You can use a password to protect the TPG Control Center against unauthorized web access. If a password is set, only the start page of the TPG Control Center can be visited and displayed. If you select a menu item, you will be asked to enter a password. You will also be asked to enter a non-definable user name. Leave this field blank at the password prompt. 1. 2. 3. 4. 5. ª Proceed as follows: Start the TPG Control Center.
PAGE 54
Security • MAC addresses are not delivered through routers! • The use of wildcards (*) allows you to define subnetworks. Test Mode The 'test mode' allows you to check the configured access protection. If the test mode is activated, access protection remains active until the TPG is rebooted. After restarting, the protection is no longer effective. The 'test mode' option is activated by default. After a successful test, you must deactivate the test mode so that access protection remains permanently active.
PAGE 55
Security 5.3 How to Use Certificates Correctly The TPG has its own certificate management. This section explains how certificates are used and when the use of certificates is recommended. What are Certificates? Certificates can be used in TCP/IP-based networks to encrypt data and to authenticate communication partners. Certificates are electronic messages containing a key (public key) and a signature. Benefits and Purpose The use of certificates allows for various security mechanisms.
PAGE 56
Security authority. The root certificate is stored on an authentication server in the network. • Upon delivery, a certificate (the so-called default certificate) is stored in the TPG. It is recommended that you replace the default certificate by a self-signed certificate or CA certificate as soon as possible. • S/MIME certificate S/MIME certificates (*.pem file) are used to sign and encrypt the emails that are sent by the TPG.
PAGE 57
Security What do you want to do? ’Displaying Certificates’ Ö 57 ’Creating a Self-Signed Certificate’ Ö 57 ’Creating a Certificate Request for CA Certificates’ Ö 58 ’Saving the CA Certificate in the TPG’ Ö 59 ’Saving the root certificate on the TPG’ Ö 60 ’Saving the pkcs(12) certificate in the TPG’ Ö 60 ’Saving the S/MIME certificate on the TPG’ Ö 61 ’Deleting Certificates’ Ö 62 Displaying Certificates Certificates installed on the TPG and certificate requests can be displayed and viewed.
PAGE 58
Security ª The certificate will be created and installed. This may take a few minutes. Table 11: Parameters for the Creation of Certificates Parameters Description Common name Is used to clearly identify the certificate. It is advisable to use the IP address or the host name of the TPG to allow a clear assignment of the certificate to the TPG. You can enter a maximum of 64 characters. Email address Specifies an email address. You can enter a maximum of 40 characters.
PAGE 59
Security If a certificate request has already been created on the TPG, it will be overwritten. Proceed as follows: 1. Start the TPG Control Center. 2. Select SECURITY - Certificates. 3. Click Certificate request. 4. Enter the required parameters, see: Table 11 Ö 58. 5. Click Create a request. The creation of the certificate request is in progress. This may take a few minutes. 6. Select Upload and save the requests in a text file. 7. Click OK. 8.
PAGE 60
Security 5. Specify the CA certificate. 6. Click Install. ª The CA certificate is saved in the TPG. Saving the root certificate on the TPG The TPG offers a number of authentication methods to verify its identity in a network. If you use the authentication method 'EAP-TLS', you must install the root certificate of the authentication server (RADIUS) on the TPG; see: Ö 63. If a root certificate has already been installed on the TPG, it will be overwritten.
PAGE 61
Security ; No certificate request may exist. To delete the certificate request, see: Ö 62. ; No CA certificate may be installed. To delete a CA certificate, see: Ö 62. 1. 2. 3. 4. 5. 6. 7. ª Proceed as follows: Start the TPG Control Center. Select SECURITY - Certificates. Click pkcs12 certificate. Click Browse. Specify the pkcs(12) certificate. Enter the password. Click Install. The pkcs(12) certificate will be saved in the TPG. Saving the S/MIME certificate on the TPG S/MIME certificates (*.
PAGE 62
Security Deleting Certificates Proceed as follows: 1. Start the TPG Control Center. 2. Select SECURITY - Certificates. 3. Select the certificate to be deleted via the icon certificate is displayed. 4. Click Delete. ª The certificate is deleted. 5.4 . The How to Use Authentication Methods By means of an authentication, a network can be protected against unauthorized access. The TPG can participate in various authentication procedures.
PAGE 63
Security What do you want to do? ’Configuring EAP-MD5’ Ö 63 ’Configuring EAP-TLS’ Ö 63 ’Configuring EAP-TTLS’ Ö 65 ’Configuring PEAP’ Ö 66 ’Configuring EAP-FAST’ Ö 67 Configuring EAP-MD5 Benefits and Purpose EAP-MD5 validates the identity of devices or users before they gain access to network resources. You can configure the TPG for the EAP-MD5 network authentication. This makes sure that the TPG gets access to protected networks.
PAGE 64
Security configure the TPG for the EAP-TLS network authentication. This makes sure that the TPG gets access to protected networks. Mode of Operation EAP-TLS describes a certificate-based authentication method via a RADIUS server. For this purpose, certificates are exchanged between the TPG and the RADIUS server. An encrypted TLS connection between the TPG and the RADIUS server is established in this process. Both RADIUS server and TPG need a valid, digital certificate signed by a CA.
PAGE 65
Security Configuring EAP-TTLS Benefits and Purpose Mode of Operation EAP-TTLS (Tunneled Transport Layer Security) validates the identity of devices or users before they gain access to network resources. You can configure the TPG for the EAP-TTLS network authentication. This makes sure that the TPG gets access to protected networks. EAP-TTLS consists of two phases: • In phase 1, a TLS-encrypted channel between the TPG and the RADIUS server will be established.
PAGE 66
Security Configuring PEAP Benefits and Purpose PEAP (Protected Extensible Authentication Protocol) validates the identity of devices or users before they gain access to network resources. You can configure the TPG for the PEAP network authentication. This makes sure that the TPG gets access to protected networks. Mode of Operation In the case of PEAP (compare EAP-TTLS, see Ö 65), an encrypted TLS (Transport Layer Security) channel is established between the TPG and the RADIUS server.
PAGE 67
Security Configuring EAP-FAST Benefits and Purpose EAP-FAST (Flexible Authentication via Secure Tunneling) validates the identity of devices or users before they gain access to network resources. You can configure the TPG for the EAP-FAST network authentication. This makes sure that the TPG gets access to protected networks. Mode of Operation EAP-FAST uses (as in the case of EAP-TTLS, see Ö 65) a channel in order to protect the data transfer.
PAGE 68
Security 3. Select FAST from the Authentication method list. 4. Enter the user name and the password that are used for the configuration of the TPG on the RADIUS server. 5. Select the settings intended to secure the communication in the channel. 6. Click Save & Restart to confirm. ª The settings are saved.
PAGE 69
Maintenance 6 Maintenance What information do you need? A number of maintenance activities can be carried out on the TPG. This chapter gives a short overview.
PAGE 70
Maintenance 6.1 How to Secure the TPG Parameters (Backup) All parameter values of the TPG (exception: passwords) are saved in the 'parameters' file. You can save the parameters file as backup copy on your local client. This allows you to get back to a stable configuration status at any time. You can edit the parameter values of the copied file using a text editor. Afterwards, the configured file can be downloaded to a TPG. The parameter values included in the file will be taken over by the device.
PAGE 71
Maintenance 3. Click the icon . The current parameter values are displayed. 4. Save the 'parameters' file on a local system with the help of your browser. ª The parameter file is copied and secured. Loading the parameters file to a TPG 1. 2. 3. 4. 5. ª Proceed as follows: Start the TPG Control Center. Select MAINTENANCE - Parameter backup. Click Browse. Specify the 'parameters' file. Click Import. The parameter values in the file are applied to the TPG.
PAGE 72
Maintenance passwords). The TPG will automatically take over the values contained in the parameters file on the USB flash drive. This way, the parameter values can be quickly and easily loaded to other TPG via a USB flash drive (e.g. when configuring new devices). Formatting To use the USB flash drive on the TPG, the USB flash drive must have the correct file system. You may have to format the USB flash drive, if necessary.
PAGE 73
Maintenance Automatic print job buffering Requirements ; A USB flash drive has been connected to the TPG. ; The USB flash drive has been formatted correctly; see: Ö 72. 1. 2. 3. 4. ª Proceed as follows: Start the TPG Control Center. Select MAINTENANCE – USB device. Tick Print job buffering. Click Save & Restart. The settings are saved. Saving the Parameter Values Automatically Requirements ; A USB flash drive has been connected to the TPG.
PAGE 74
Maintenance 6.3 How to Reset Parameters to their Default Values (Reset) It is possible to reset the parameters of the TPG to their default values (factory settings). All previously configured parameter values will be deleted in this process. Installed certificates will not be deleted. If you reset the parameters, the IP address of the TPG may change and the connection to the TPG Control Center may be terminated.
PAGE 75
Maintenance 3. Click Default settings. ª The parameters are reset. Resetting Parameters via the InterCon-NetTool 1. 2. 3. 4. ª Proceed as follows: Start the InterCon-NetTool. Highlight the TPG in the device list. Select Actions – Default Settings from the menu bar. Click Finish. The parameters are reset. Resetting the parameters via the status/reset button LEDs, various ports and the status/reset button can be found on the TPG. These components are described in the 'Quick Installation Guide'.
PAGE 76
Maintenance The phases are described in the following: [Phase 1] Reset [Phase 2] Restart of the device Turn off the TPG (interrupt the power supply). Turn off the TPG (interrupt the power supply). Remove the network cable (RJ-45) from the TPG. Connect the network cable (RJ-45) to the TPG. Press and hold the status/reset button. Turn on the TPG (establish the power supply). Turn on the TPG (establish the power supply). The activity LED will then be permanently lit in orange.
PAGE 77
Maintenance 6.4 How to Perform an Update You can carry out software and firmware updates on the TPG. Updates allow you to benefit from currently developed features. What Happens during an Update? In the course of an update, the old firmware/software will be overwritten and replaced by the new firmware/software. The parameter default settings of the device remain unchanged.
PAGE 78
Maintenance 6.5 How to Restart the TPG? The TPG is rebooted automatically after parameter changes or updates. If the TPG is in an undefined state it can also be rebooted manually. What do you want to do? ’Rebooting the TPG via the TPG Control Center’ Ö 78 ’Restarting the TPG via the InterCon-NetTool’ Ö 78 Rebooting the TPG via the TPG Control Center 1. 2. 3. ª Proceed as follows: Start the TPG Control Center. Select MAINTENANCE - Restart. Click Restart. The TPG is restarted.
PAGE 79
Maintenance 6.6 How to Print a Status or Service Page You can print status or service pages. Both pages are available in English. Status Page A status page contains basic information of the TPG such as the model type, hardware address, IP address, subnet mask, gateway, etc. Service page A service page contains basic information of the TPG as well as a list of the current parameter values of the TPG.
PAGE 80
Maintenance 5. Tick Printing. 6. Click Save & Restart to confirm. ª The settings are saved. Printing a status page via the TPG Control Center 1. 2. 3. ª Proceed as follows: Start the TPG Control Center. Select MAINTENANCE – Status page. Click Status page. The status page is printed. Printing a Status Page via the Status/Reset Button You can print a status page via the status/reset button of the device. Proceed as follows: 1. Press the status/reset button for a short time. ª The status page is printed.
PAGE 81
Maintenance 6.7 How to Display the Job History You can get information about the ThinPrint print jobs that have been sent to the TPG. Only these print jobs are registered and shown in the job history. A time server (Ö 36) must be configured on the TPG so that the date and time can be displayed correctly. If no time server is configured, the time stamp corresponds to the default time. A maximum of 32 print jobs are displayed. The first-in, first-out method is applied from the 33rd print job onwards.
PAGE 82
Maintenance Information Description Status Status of the print connection. The following statuses are possible: • 'Initialized' means that there is a connection to the ThinPrint server. In a next step, the connection to the printer will be established. • 'Try to connect' means that the connection to the printer will be established. • 'Connection rejected' means that the printer rejected the connection.
PAGE 83
Appendix - 7 Appendix What information do you need? The appendix contains a glossary, the TPG parameter list, a trouble shooting and the index lists of this document.
PAGE 84
Appendix - Glossary 7.1 Glossary The glossary contains information about manufacturer-specific software solutions and terms from the world of network technology.
PAGE 85
Appendix - Glossary Gateway Using a gateway, you can address IP addresses from external networks. If you wish to use a gateway, you can configure the relevant parameter via the TPG Control Center or the InterConNetTool. Hardware Address The TPG is addressable by means of its world-wide unique hardware address. This address is commonly referred to as the MAC or Ethernet address. The manufacturer has defined this address in the hardware of the device. The address consists of 12 hexadecimal numbers.
PAGE 86
Appendix - Glossary InterCon-NetTool The software InterCon-NetTool has been developed by SEH Computertechnik GmbH for the administration of SEH network devices within a predefined network. IP Address The IP address is the unique address of each node in a network, i.e. an IP address may occur only once on a local network. The system administrator usually assigns the IP address. The address must be saved in the TPG to make sure that it can be addressed within the network.
PAGE 87
Appendix - Parameter List 7.2 Parameter List This chapter gives an overview of all parameters of the TPG. The parameter list gives details about the functions and values of the individual parameters.
PAGE 88
Appendix - Parameter List Table 12: Parameter List - IPv4 Parameters Value Default Description ip_dhcp [DHCP] on/off on Enables/disables the DHCP protocol. ip_bootp [BOOTP] on/off on Enables/disables the BOOTP protocol. ip_auto [ARP/PING] on/off on Enables/disables the IP address assignment via ARP/PING. ip_addr [IP address] valid IP address 169.254. 0.0/16 Defines the IP address of the TPG. ip_mask [Subnet mask] valid IP address 255.255. 0.0 Defines the subnet mask of the TPG.
PAGE 89
Appendix - Parameter List Parameters Value Default Description ipv6_gate [Router] n:n:n:n:n:n:n:n :: Defines the IPv6 unicast address of the router. The TPG sends its 'Router Solicitations' (RS) to this router. ipv6_plen [Prefix length] 0 - 64 [2 characters; 0-9] 64 Defines the length of the subnet prefix for the IPv6 address. Address ranges are indicated by prefixes. The prefix length (number of bits used) is added to the IPv6 address and specified as a decimal number.
PAGE 90
Appendix - Parameter List Table 15: Parameter List - SNMP TPG User Manual Parameters Value Default Description snmpv1 [SNMPv1] on/off on Enables/disables SNMPv1. snmpv1_ronly [Read-only] on/off off Enables/disables the write protection for the community. snmpv1_community [Community] max. 64 characters [a-z, A-Z, 0-9] public Defines the name of the SNMP community.
PAGE 91
Appendix - Parameter List Parameters Value Default Description admin_cipher [Encryption] --- [None] aes des --- Defines the encryption method of the SNMP user group 2. Table 16: Parameter List - POP3 TPG User Manual Parameters Value Default Description pop3 [POP3] on/off off Enables/disables the POP3 functionality. pop3_srv [Server name] max. 128 characters [blank] Defines the name of the POP3 server. pop3_port [Server port] 1-65535 [max.
PAGE 92
Appendix - Parameter List Table 17: Parameter List - SMTP TPG User Manual Parameters Value Default Description smtp_srv [Server name] max. 128 characters [blank] Defines the name of the SMTP server. smtp_port [Server port] 1-65535 [max. 5 characters; 0-9] 25 Defines the port number used by the TPG to send emails to the SMTP server. smtp_ssl [TLS] on/off off Enables/disables TLS.
PAGE 93
Appendix - Parameter List Table 18: Parameter List - Bonjour Parameters Value Default Description bonjour [Bonjour] on/off on Enables/disables the Bonjour service. bonjour_name [Bonjour name] max. 64 characters [a-z, A-Z, 0-9] [Default Name] Defines the Bonjour name of the TPG. Table 19: Parameter List - Date/Time Parameters Value Default Description ntp [Date/Time] on/off on Enables/disables the use of a time server (SNTP). ntp_server [Time server] max. 255 characters [.
PAGE 94
Appendix - Parameter List Table 21: Parameter List - ThinPrint® TPG User Manual Parameters Value Default Description tpgPort [ThinPrint® port] 1 - 65535 [max. 5 characters; 0-9] 4000 Defines the TCP port used by the TPG for communicating with the ThinPrint server. tpgBdwidth [Bandwidth] on/off off Enables/disables the bandwidth functionality of the ThinPrint® port (TPG side). tpgBdwidthVal [Bandwidth value] 1600 - 1000000 [at least 4 characters, max.
PAGE 95
Appendix - Parameter List Table 22: Parameter List - ThinPrint Connection Service Parameters Value Default Description conService [Connection Service] on/off off Enables/disables the ThinPrint Connection Service. conServer [Server name] max. 255 characters [., a-z, A-Z, 0-9] [blank] Defines the Connection Service server via the IP address or the host name. (A host name can only be used if a DNS server was configured beforehand.) tpgClientID [Client ID] 0 - 99999 [max.
PAGE 96
Appendix - Parameter List TPG User Manual Parameters Value Default Description prtClass_1 ~ prtClass_6 [Class] max. 7 characters [a-z, A-Z, 0-9] [blank] Defines the printer class name for the ThinPrint AutoConnect feature. prtDriver_1 ~ prtDriver_6 [Driver] max. 64 characters [a-z, A-Z, 0-9, _, -] [blank] Defines the printer driver for the ThinPrint AutoConnect feature. remoteIp_1 ~ remoteIp_6 [Printer address] max. 64 characters [.
PAGE 97
Appendix - Parameter List Parameters Value Default Description monitorPing [Monitoring via ping] on/off on Enables/disables monitoring via ping. The ping query allows you to view the printer availability. monitorSNMP [SNMP] on/off on Enables/disables monitoring via SNMP. The SNMP query shows printer messages. monitorPoll [Monitoring interval] 10 - 86400 [max. 5 characters; 0-9] 30 Defines the interval of a 'Ping' or 'SNMP' query in seconds.
PAGE 98
Appendix - Parameter List TPG User Manual Parameters Value Default Description notistat_tm [mm] 0 = 00 min 1 = 10 min 2 = 20 min 3 = 30 min 4 = 40 min 5 = 50 min 6 = 00 min 0 Specifies the time at which a status email is sent. noti_usb_1 noti_usb_2 [USB] on/off off Enables/disables the sending of emails after a USB flash drive was connected to or removed from the TPG. noti_err_1 noti_err_2 [Problems] on/off off Enables/disables the sending of emails if a problem occurs at the TPG.
PAGE 99
Appendix - Parameter List Table 25: Parameter List - Web access Parameters Value Default Description http_allowed [HTTP/HTTPS] on/off on Defines the permitted type of connection (HTTP/HTTPS) to the TPG Control Center. If HTTPS is exclusively chosen as the connection type [http_allowed = off], the administrative access to the TPG Control Center is protected via SSL/TLS. http_pwd [Password] max.
PAGE 100
Appendix - Parameter List Parameters Value Default Description hw_filter_on_1 ~ hw_filter_on_8 [MAC address] on/off off Enables/disables an exception from the port locking. hw_filter_1 ~ hw_filter_8 [MAC address] valid hardware address 00:00:00 :00:00:0 0 Defines elements that are excluded from port locking, using the hardware address.
PAGE 101
Appendix - Parameter List Parameters Value Default Description auth_wpa_addon [WPA add-on] max. 255 characters [a-z, A-Z, 0-9] [blank] Specifies an optional WPA expansion. Table 28: Parameter List - USB device Parameters Value Default Description tpgBuffer [Print job buffering] on/off off Enables/disables the automatic buffering of print jobs if a printer cannot be reached.
PAGE 102
Appendix - Troubleshooting 7.3 Troubleshooting This chapter describes some problems and their solutions. Problem • ’The TPG indicates the BIOS mode’ Ö 102 • ’A connection to the TPG Control Center cannot be established’ Ö 103 • ’The password is no longer available’ Ö 103 The TPG indicates the BIOS mode Possible Cause The TPG switches to the BIOS mode if the firmware functions well but the software is faulty. This may happen in the case of an incorrect software update, for example.
PAGE 103
Appendix - Troubleshooting The software must be reloaded to the TPG so that the TPG can switch from the BIOS mode to the normal mode. Gehen Sie wie folgt vor: 1. Start the InterCon-NetTool. 2. Highlight the TPG in the device list. (You will find the TPG under the filter 'BIOS mode'.) 3. Select Installation – IP Wizard from the menu bar. The IP Wizard is started. 4. Follow the instructions of the wizard in order to assign an IP address to the TPG. The IP address is saved. 5.
PAGE 104
Appendix - List of Figures 7.4 List of Figures TPG Control Center - START . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 InterCon-NetTool - Main Dialog . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Administration via Email - Example 1 . . . . . . . . . . . . . . . . . . . . . 24 Administration via Email - Example 2 . . . . . . . . . . . . . . . . . . . . . 24 InterCon-NetTool - IP Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 TPG Control Center - Certificates .
PAGE 105
Appendix - Index 7.
PAGE 106
Appendix - Index Start 20 Structure 21 IP address 86 Saving 13 IPP connection 42 IPv4 26 IPv6 28 J Job history 81 delete 82 display 81 L LPD protocol 42 M MAC Address 85 N NAT 48 Notification Service 38 Email 39 SNMP Trap 39 Notifications 38 P Parameter backup 71 Parameter list 87 Parameters default settings 74 display 70 Load 71 load automatically 73 Parameter list 87 save automatically 73 Saving 70 Parameters file 70, 71 Password 53 TPG User Manual PEAP 66 ping 45 pkcs(12) 60 POP3 32 Print Service page
PAGE 107
Appendix - Index Service page 79 Data format 79 Printer 79 Printing 80 SMTP 33 SNMP 47 SNMPv1 31 SNMPv3 31 SNMP Trap 38 SNTP Server 36 Software 77 SSL/TLS encryption 50 Status email 38 Status page 79 Data format 79 Printer 79 Printing 79 Status/reset button 24, 75 Print status page 80 Printing the Service Page 80 resetting parameters 75 Subnet mask 86 Support 10 System Requirements 7 Transfer methods 42 Types of connection 52 U Update 77 USB device format 72 Parameter backup 71 Print job buffering 71 UTC