TPR User Manual - SEH Computertechnik GmbH
Contents
1. Select Installation IP Wizard from the menu bar The IP Wizard is started Follow the instructions of the wizard in order to assign an IP address to the TPR The IP address is saved Carry out a software update on the TPR see gt B90 The software will be saved in the TPR The TPR switches to the normal mode A connection to the TPR Control Center cannot be established Eliminate possible error sources First of all check the cabling connections the IP address of the TPR gt 13 as well as the proxy settings of your browser If you still cannot establish any connection the following safety mechanisms might be the cause O 00 0 0 The access is protected via SSL TLS HTTPS gt B63 The TCP port access control is enabled gt E66 The password protection is enabled gt 63 The HTTP port was changed gt 2140 The cipher suites of the encryption level are not supported by the browser gt B65 121 TPR User Manual Appendix Troubleshooting The password is no longer available The access to the TPR Control Center can be protected by a password If the password is no longer available you can reset the parameter values of the TPR to their default settings to get access to the TPR Control Center gt 187 Previous settings will be deleted 122 Appendix List of Figures 9 4 List of Figures TPR Control Center START 2000 02 eee 19 InterCon NetIool2. Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE Personal Printing 3 Tick SSL connection 4 Click Save amp Restart to confirm The settings are saved 5 3 How to Verify the Identity of the Personal Printing Server The identity of the Personal Printing server can be verified by means of certificates If the verification fails no connection to the Personal Printing server will be established If the verification of the identity was enabled for Personal Printing a certificate from a matching CA Certification Authority must be installed both on the Personal Printing server and the TPR The TPR requests a Personal Printing certificate server certificate from the Personal Printing server By means of the related root certificate and or Personal Printing certificate the TPR verifies the certificate and thus its identity of the Personal Printing server MI A Personal Printing certificate is saved on the Personal Printing server M A root certificate and or Personal Printing certificate is saved on the TPR gt 1267 Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE Personal Printing 3 Tick Verify certificate 4 Click Save amp Restart to confirm The setting will be saved 46 Personal Printing Settings 5 4 How to Configure the Personal Printing Printer The authentication for retrieving print jobs is done directly on the TPR i e on the printer Be
3. Security 7 2 Howto Control the Access to the TPR Control Center You are able to restrict the administrative web access to the TPR Control Center with a password or by selecting the permitted types of connection O Specifying the Permitted Web Connection Type gt E163 C Protecting the web access via a password gt E164 The TPR Control Center can also be protected by the SNMP security concept The concept includes administration of user groups and access rights For further information see How to Configure SNMP gt 31 Specifying the Permitted Web Connection Type The web access to the TPR Control Center can be secured by selecting the permitted types of connection HTTP HTTPS If HTTPS is exclusively chosen as the connection type the administrative web access to the TPR Control Center is protected by SSL TLS The cipher strength is defined via the encryption level gt E61 SSL TLS requires a certificate to check the identity of the TPR During a so called handshake the client asks for a certificate via a browser This certificate must be accepted by the browser URLs that require an SSL TLS connection start with https Proceed as follows 1 Start the TPR Control Center 2 Select SECURITY Device access 3 Tick HTTP HTTPS or HTTPS only in the Web area 4 Click Save amp Restart to confirm The setting will be saved 63 TPR User Manual Security Protecting the web a
4. The TPR is rebooted automatically after parameter changes or updates If the TPR is in an undefined state it can also be rebooted manually Whatdoyouwant I Rebooting the TPR via the TPR Control Center gt 91 to do ene C Restarting the TPR via the InterCon NetTool gt 591 mg Rebooting the TPR via the TPR Control Center Proceed as follows 1 Start the TPR Control Center 2 Select MAINTENANCE Restart 3 Click Restart The TPR will be restarted Restarting the TPR via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Highlight the TPR in the device list 3 Select Actions Restart from the menu bar The Restart print server dialog appears 4 Click Finish The TPR will be restarted TPR User Manual 91 Status Page Service page What do you want TPR User Manual todo Maintenance 8 6 How to Print a Status or Service Page You can print status or service pages to the connected network printer Both pages are available in English A status page contains basic information of the TPR such as the model type hardware address IP address subnet mask gateway etc A service page contains basic information of the TPR as well as a list of the current parameter values of the TPR Before a status or service page Is printed the printing function must be enabled and the data format of the status or service page ASCII PostScript DATAMAX or Citizen Z
5. Main Dialog 22 0 eee 21 Administration via Email Example 1 0000 24 Administration via Email Example 2 000 24 InterCon NetTool IP Wizard cscicecenad dene sade ed dead as 27 TPR Control Center Certificates 2 i ccace concedes odaemend 69 InterCon NetTool TPR in the BIOS Mode 120 TPR User Manual 123 TPR User Manual 9 5 Index A Address Ethernet address 98 Hardware address 98 IP address 99 MAC address 98 Administration Email 22 Status reset button 24 TPR Control Center 18 ARP PING 16 Authentication 76 AutoConnect 7 Backup copy 83 Bandwidth 50 Bandwidth limit 50 BIOS mode 120 Block port 64 Bonjour 35 BOOTP 14 C CA certificate 68 Certificate 67 Create 70 Delete 75 Display 70 Save 72 Certificate request 71 Cipher Suite 61 Connection Service 7 D Default certificate 68 Appendix Index Default name 97 Default setting 87 Descriptions 38 Device number 97 DHCP 14 DNS Domain Name Service 30 E EAP 76 EAP FAST 81 EAP MD5 77 EAP TLS 77 EAP TTLS 78 Email 22 Encrypted print data 59 Encryption 45 59 61 Encryption Level 61 Ethernet address 98 F Firmware 90 G Gateway 98 H Hardware address 98 Host name 98 Hotline 10 HTTP HTTPS 63 IEEE 802 1x 76 Improper use 11 Intended use 11 InterCon NetTool 20 99 Install 20 IP Wizard 15 Start 20 124 TPR User Manual Structure 21 Internal
6. Transfer Methods TPR User Manual ThinPrint Settings 6 3 Howto Embed the Printer Print jobs are sent from the ThinPrint server to the TPR After the decompression of the print jobs the TPR forwards the print jobs to the printers The print jobs are assigned via the printer ID A network printer can be integrated via the TPR When integrating the connected network printer you must define the printer parameters name class driver and a transfer method The data transfer between the TPR and the network printer can be done in three ways e Usually the data is transferred to the TCP IP port via a raw socket connection Port 9100 is preset on the TPR If required you can configure a different port number e By means of IPP connections Internet Printing Protocol the print data is transmitted via HTTP 1 1 via local networks or the Internet to the printer To this purpose you must configure a printer URL that needs to be implemented according to the information of the manufacturer Please refer to the documentation of your printer The printer URL ipp Ip1 is preset and can be changed if needed Your advantage The connection between the TPR and the printer can be encrypted via SSL TLS e Data transfer can also be done via the LPD protocol Line Printer Daemon During LPD printing the print data is sent to the IP address of the printer by means of an LPD queue The LPD queue name Ip1 is preset If required you can con
7. gt The community string for SNMPv1 is transferred in plain text and does not provide sufficient protection SNMPv3 is a continuation of the SNMP standard which provides improved applications and a _ user based security model Distinguishing features of SNMPv3 include its simplicity and security concept 31 POP3 TPR User Manual Network Settings Proceed as follows Start the TPR Control Center Select NETWORK SNMP Configure the SNMP parameters see Table 5 92132 Click Save amp Restart to confirm EFANS The settings are saved Table 5 SNMP Parameters Parameters Description SNMPv1 Enables disables SNMPv1 Read only Enables disables the write protection for the community Community SNMP community name The SNMP community is a basic form of access protection in which several participants with the same access rights are grouped together SNMPv3 Enables disables SNMPv3 User name Defines the name of the SNMP user Password Defines the password of the SNMP user Hash Defines the hash algorithm Access rights Defines the access rights of the SNMP user Encryption Defines the encryption method 3 5 Howto Configure POP3 and SMTP You must configure the protocols POP3 and SMTP on the TPR so that the notification service 941 and the administration via email 1222 will work properly POP3 Post Office Protocol Version 3 is a transfer protocol that a client can use to fetch emails fr
8. lt value gt The syntax and values can be obtained from the parameter list see gt E1100 23 Example 1 Example 2 TPR User Manual Administration Methods This email causes the TPR to send the parameter list to the sender of the email Email address of the TPR as configured on the POP3 server To tpr company com SS Subject cmd get parameters _____ comaa Fig 3 Administration via Email Example 1 This email configures the parameter Description on the TPR Email address of the TPR as To tpr company com configured on the POPS server Subjec cmd set parameters Command TAN nUn47ir79Ajs7QK TAN Parameter and parameter value Fig 4 Administration via Email Example 2 2 4 Administration via the Status Reset Button of the Device LEDs various ports and the status reset button can be found on the TPR These components are described in the Quick Installation Guide The status reset button allows you to e print a status page see gt 192 e print a service page see gt 2192 e reset the TPR parameters to their default settings see gt 887 24 Network Settings 3 Network Settings mg 26 28 What information do e How to Configure IPv4 Parameters gt you need mg e How to Configure IPv6 Parameters gt e How to Configure the DNS gt 30 e How to Configure SNMP gt 831 e
9. 2 InterCon NetTool Main Dialog Which Functions Are The InterCon NetTool allows you to S orted P RE e assign an IPv4 address to the TPR gt 2126 e restart the TPR gt 891 e reset the parameter values of the TPR to their default settings gt E187 e start the TPR Control Center gt E18 e switch from the BIOS mode to the default mode gt 120 Detailed information on how to use the InterCon NetTool can be found in the Online Help To start the Online Help select Help Online Help from the menu bar TPR User Manual 21 Functionalities Requirements Sending Instructions via Email Syntax and Format of an Instruction TPR User Manual Administration Methods 2 3 Administration via Email You can administer the TPR via email and thus via any computer with Internet access An email allows you to e send TPR status information e specify TPR parameters or e perform an update on the TPR MI In order to receive emails the TPR must be set up as user with its own email address on a POP3 server M A DNS server has been configured on the TPR see gt 4130 MI POP3 and SMTP parameters have been configured on the TPR see 2832 If you want to administer the TPR you must enter the relevant instructions into the subject line of your email Proceed as follows 1 Open an email program 2 Write a new email 3 Enter the TPR address as recipient 4 Enter an instruction into the sub
10. 4 Enter the trap community of the recipient into the Trap community box 5 Tick the options with the desired message types 6 Click Save amp Restart to confirm amp The settings are saved 42 Personal Printing Settings 5 Personal Printing Settings What information do e How to Define the Personal Printing Server 5 44 d i oe Younes How to Encrypt the Connection to the Personal Printing Server gt 845 e How to Verify the Identity of the Personal Printing Server gt P46 e How to Configure the Personal Printing Printer gt 47 ME ME aa Y aaco The u described here refer to the client side TPR Information about the installation configuration and administration of the Personal Printing environment can be found in the Personal Printing documentation at http www thinprint com TPR User Manual 43 Connection Authentication TPR User Manual Process Personal Printing Settings 5 1 How to Define the Personal Printing Server In Personal Printing environments print jobs are buffered on the Personal Printing server The print jobs will be forwarded and printed once the user has successfully authenticated to the TPR You must define the server name and port so that a connection to the Personal Printing server can be established You need a User PIN for the authentication process on the Personal Printing server You do not need to enter an individual PI
11. AutoConnect feature If the printer supports SNMP the class name is obtained automatically via SNMP A freely definable description can be entered at any time and will override any automatically derived class name Driver Defines the printer driver for the ThinPrint AutoConnect feature Port Defines the port number for RAW socket printing Default 9100 Is used when selecting RAW as the transfer method TPR User Manual 52 Printer connection timeout Job sending timeout TPR User Manual ThinPrint Settings Parameters Description URL Specifies the second part of the printer URL for IPP printing Default ipp Ip1 Is used when selecting IPP as the transfer method SSL Enables disables the SSL TLS encryption for IPP printing The cipher strength is defined via the encryption level gt B61 Is used when selecting IPP as the transfer method LPD Queue Defines the queue name for LPD printing Default Ip1 Is used when selecting LPD as the transfer method RFC Enables disables the RFC1179 conformity for LPD printing Is used when selecting LPD as the transfer method If this option is disabled the printing behavior resembles that of Microsoft LPD printing 6 4 Howto Define Timeouts You can use timeouts to control how errors are handled before and during a print job The Printer open timeout parameter specifies the period of time in seconds after which a connection attempt to the pri
12. E61 e How to Control the Access to the TPR Control Center 2163 e How to Block Individual Ports gt 264 e How to Control the Access to the TPR TCP Port Access Control gt 66 e How to Use Certificates Correctly gt 867 e How to Use Authentication Methods gt 876 e How to Configure a Device Assignment gt 82 60 Encryption Level Cipher Suite Establishing Connections TPR User Manual Security 7 1 Howto Define the Encryption Level for SSL TLS Connections The following connections on the TPR can be encrypted via SSL TLS e Email POP3 gt 232 e Email SMTP gt B32 e Personal Printing connection to the server gt 44 e ThinPrint printer IPP connection gt 51 e ThinPrint data encryption gt 45 e Web access to the TPR Control Center HTTPS gt B63 The encryption strength and thus the safety of the connection is defined via the encryption level Each encryption level is a collection of so called cipher suites A cipher suite is a standardized sequence of four cryptographic algorithms that are used to establish a secure connection Depending on their cipher strength in bit cipher suites are grouped to form an encryption level Which cipher suites are supported by the TPR i e are part of an encryption level depends on the protocol used SSLv2 SSLv3 TLSv1 When establishing a secure connection a list of supported cipher suites
13. General Information ThinPrint Reader gt E6 e Documentation gt B8 Support and Service 2 10 Your Safety gt 11 First Steps gt E12 Saving the IP Address in the TPR B13 What is ThinPrint Personal Printing Essentials What is ThinPrint Purpose TPR User Manual General Information 1 1 ThinPrint Reader ThinPrint Personal Printing Essentials is a software based technology for secure network printing ThinPrint Personal Printing Essentials is printer independent Printing is carried out from a client to the printer object Personal Printer The print job will be saved to the Personal Printing server The print job will be printed once the user has successfully authenticated to any network printer that is set up for Personal Printing ThinPrint is a software based technology providing print job compression and bandwidth control for network printing The data traffic between the application server or the print server and the local printer is reduced considerably and networks are relieved The ThinPrint technology enables the transmission of compressed and bandwidth optimized print jobs within a network Print jobs are compressed using the server component of the print technology the so called ThinPrint Engine The server sends the compressed print data to a device with the implemented ThinPrint Client This client then decompresses the print data
14. How to Configure POP3 and SMTP gt 32 e How to Configure Bonjour gt 35 e How to Configure the Device Time gt 36 TPR User Manual 25 What do you want todo TPR User Manual Network Settings 3 1 Howto Configure IPv4 Parameters TCP IP Transmission Control Protocol over Internet Protocol forwards data packets across several connections and establishes a connection between the network participants The boot protocols DHCP and BOOTP belong to the TCP IP protocol family You can define various IPv4 parameters for an ideal integration of your TPR into a TCP IP network For further information about the assignment of IP addresses see gt 5113 O Configuring IPv4 Parameters via the TPR Control Center gt 2126 O Configuring IPv4 Parameters via the InterCon NetTool gt 27 Configuring IPv4 Parameters via the TPR Control Center Proceed as follows 1 Start the TPR Control Center 2 Select NETWORK IPv4 3 Configure the IPv4 parameters see Table 2 gt B26 4 Click Save amp Restart to confirm amp The settings are saved Table 2 IPv4Parameters Parameters Description DHCP Enables or disables the protocols DHCP BOOTP and BOOTP ARP PING ARP PING Protocols offer various possibilities to save the IP address in the TPR See Saving the IP Address in the TPR gt B 13 We recommend disabling these options once an IP address has been assigned
15. Personal Printing Settings Parameters Description Job deletion by TPR Enables disables the deletion of printed jobs by the TPR The time of deletion can be defined via the delay This setting will override any settings for the deletion of printed jobs set on the Personal Printing server If neither the job deletion by server nor the job deletion by TPR is enabled printed jobs will be deleted as defined in the settings on the Personal Printing server Delay Defines a delay in seconds for the deletion of printed jobs by the TPR 0 immediate deletion A delay assures the complete transfer to the printer and printout of the print job Beeper Enables disables the audio feedback Acoustic signals give information about the triggering of print jobs see Quick Installation Guide TPR User Manual 48 ThinPrint Settings 6 ThinPrint Settings What information do e How to Define the ThinPrint Port gt 50 d ne e How to Define the Bandwidth gt B50 e How to Embed the Printer gt 51 e How to Define Timeouts gt 853 e How to Get Status Information on the Printer Connection gt 254 e How to Get Printer Messages gt 56 e How to Use the ThinPrint Connection Service gt 57 e How Does the TPR Receive Encrypted Data gt 59 a 5 Ll The settings described here refer to the client side TPR Information about the installation configuration and administration of
16. Start the TPR Control Center Select SECURITY Authentication Select TLS from the Authentication method ist 4 Click Save amp Restart to confirm amp The settings are saved ch N Configuring EAP TTLS EAP TTLS Tunneled Transport Layer Security validates the identity of devices or users before they gain access to network resources You can configure the TPR for the EAP TTLS network authentication This makes sure that the TPR gets access to protected networks 78 Mode of Operation Requirements TPR User Manual Security EAP TTLS consists of two phases In phase 1 a TLS encrypted channel between the TPR and the RADIUS server will be established Only the RADIUS server authenticates itself on the TPR using a certificate that was signed by a CA This process is also referred to as outer authentication In phase 2 an additional authentication method is used for the communication within the TLS channel EAP defined methods and older methods CHAP PAP MS CHAP und MS CHAPv2 are supported This process is also referred to as inner authentication The advantage of this procedure is that only the RADIUS server needs a certificate Therefore no PKI is needed Moreover TTLS supports most authentication protocols M Fj BRwh gt 6 7 The TPR is defined as user with user name and password on a RADIUS server Proceed as follows Start the TPR Control Center Select SECUR
17. transferring it to any printer TPR ThinPrint Reader have been specifically designed for environments with ThinPrint Personal Printing technology The TPR contains a fully integrated Personal Printing Client Together with the Personal Printing server the Personal Printing Client allows for the authentication process TPR are an authentication hardware that allows you to use network printers as Personal Printing printers independent of printer make and model To this purpose one TPR is installed between the network and the printer for every network printer Users will print to the Personal Printer print object They will then authenticate to the TPR by means of a contactless smartcard based on RFID The Personnel Printing server then sends the print job to the TPR which forwards it to the printer General Information Optionally you can use the ThinPrint technology with the TPR The TPR contains a fully integrated ThinPrint Client This ThinPrint Client allows you to receive and decompress print data in ThinPrint environments A network printer can be quickly and easily embedded into the network by means of the integrated ThinPrint Client Features The ThinPrint Reader supports the following features amongst others e The connection between the TPR and the Personal Printing server is protected by means of the Personal Printing SSL TLS encryption e The feature AutoConnect allows you to automatically create the required pr
18. 0 0 0 Defines the IP address of the Primary DNS primary DNS server server dns_secondary valid IP address 0 0 0 0 Defines the IP address of the Secondary DNS secondary DNS server server The secondary DNS server is used if the primary DNS server is not available 102 Appendix Parameter List Parameters dns_domain Domain name suffix Value max 255 characters a z A Z 0 9 Table 18 Parameter List SNMP Parameters snmpv1 SNMPv1 snmpv1_ronly Read only snmpv1_community Community snmpv3 SNMPv3 any_name User name any_pwd Password any_hash Hash any_rights Access rights any_cipher Encryption admin_name User name admin_pwd Password Value on off on off max 64 characters a z A Z 0 9 on off max 64 characters a z A Z 0 9 max 64 characters a z A Z 0 9 md5 sha None readonly readwrite None aes des max 64 characters a z A Z 0 9 8 64 characters a z A Z 0 9 Default blank Default on off public anonym ous blank md5 readonly admin administ rator Description Defines the domain name of an existing DNS server Description Enables disables SNMPv1 Enables disables the write protection for the community Defines the name of the SNMP community The SNMP community is a basic form of access protection in which several participants
19. 1 Read and observe the security regulations in order to avoid damages to people and devices see gt 11 2 Carry out the hardware installation The hardware installation comprises the connection of the TPR to the printer network and the mains supply see Quick Installation Guide 3 Make sure that the former IP address of the printer is saved in the TPR and that the printer is set to DHCP see Saving the IP Address in the TPR gt 13 4 Define the Personal Printing server and other Personal Printing settings see gt E143 Y The TPR is operational 12 Why IP Addresses How Does the TPR Obtain IP Addresses Automatic Methods of IP Address Assignments Manual Methods of IP Address Assignments TPR User Manual General Information 1 6 Saving the IP Address in the TPR An IP address is used to address network devices in an IP network TCP IP network protocols require the storing of the IP address in the TPR so that the device can be addressed within the network TPR are shipped without an IP address The TPR is able to assign itself an IP address during the initial installation Boot protocols are used to assign an IP address automatically to the TPR Upon delivery the boot protocols BOOTP and DHCP are enabled Once the TPR is connected to the network it checks whether an IP address can be obtained via the boot protocols BOOTP or DHCP If this is not the case the TPR 10 assigns itself a
20. 25 ae ae 0 cao paz tee bak Cana Fig 5 InterCon NetTool IP Wizard 27 What are the Advantages of IPv6 What is the Structure of an IPv6 Address TPR User Manual Network Settings 3 2 Howto Configure IPv6 Parameters You can integrate the TPR into an IPv6 network IPv6 Internet Protocol version 6 is the successor of the more common IPv4 Both protocols are standards for the network layer of the OSI model and regulate the addressing and routing of data packets via a network The introduction of IPv6 has many benefits e Pv6 increases the IP address space from 2 IPv4 to 2 28 IPv6 IP addresses e Auto Configuration and Renumbering e Efficiency increase during routing due to reduced header information e Integrated services such as IPSec QoS Multicast e Mobile IP An IPv6 address consists of 128 bits The normal format of an IPv6 address is eight fields Each field contains four hexadecimal digits representing 16 bits Each field is separated by a colon Example fe80 0000 0000 0000 0000 10 1000 1a4 Leading zeros in a field can be omitted Example fe80 0 s 0 O 10 1000 1a4 An IPv6 address may be entered or displayed using a shortened version when successive fields contain all zeros 0 In this case two colons are used However the use of two colons can be used only once in an address Example fe80 10 1000 1a4 As a URL in a Web browser a
21. 63 7 3 How to Block Individual Ports ccc cece cece eee eens eens 64 7 4 How to Control the Access to the TPR TCP Port Access Control 66 7 5 How to Use Certificates Correctly ccc cece eee ence ence ees 67 7 6 How to Use Authentication Methods 0 cece cece eee ee 76 7 7 How to Configure a Device Assignment eee e ence eens 82 8 MaintenanC 0 6 h6 soi cdncewaed eee ber iv den eves obese venwend 83 8 1 How to Secure the TPR Parameters Backup 0ecee cues 83 8 2 How to Use a Connected USB Device cc ccc eee eee ees 85 8 3 How to Reset Parameters to their Default Values Reset 87 8 4 How to Perform an Update cece cee cence nee een eeneees 90 8 5 How to Restart the TPRiscicccaccedecesasev acd oieava ee vanes cdoeeaes 91 8 6 How to Print a Status or Service Page cece eee eee e eee e eee 92 8 7 How to Display the Job History 0 ccc cece eee eee ences 94 9 AppendiXK eins cits eee ere tenidawowis helene 96 OA GIOSSALY sed trent cts eoaeauscadeweteeninae dicen esendwcadenteessacees 97 9 2 Parameter List si cc2cs00 iseesdddews eal anew ide dasoelanaiceoadasedl on 100 9 3 WOUDIESNOOUNDG 45 55 12 cee uieeu cee ndboediteusaeeeweluneeaxedneas 120 OA LS Ot Figures aceite ler eteag ine eheagh ek agaeeelea tens DETON 123 9 5 WAGE 4 ieee E agineeiaatehesaiae ties ATE E EDAS 124 What information do you need TPR User Manual General Information
22. Control Center Table 33 Parameter List Port Blocking Parameters Value Default Description drop_port_1 1 65535 0 Defines the port number of the max 5 characters port to be blocked A total of 12 drop_port_12 0 9 ports can be blocked Port drop_tcp_1 on off off Blocks the access to selected TCP ports drop_tcp_12 TCP and UDP ports can be TCP blocked at the same time TPR User Manual 116 TPR User Manual Parameters drop_udp_1 drop_udp_12 UDP drop_lan_1 drop_lan_12 LAN drop_nat_1 drop_nat_12 Printer Value on off on off on off Default off Table 34 Parameter List TCP port access Parameters protection Port access control protection_test Test mode protection_level Security level ip_filter_on_1 ip_filter_on_8 IP address ip_filter_1 ip_filter_8 IP address Value on off on off protec_tcp protec_all on off valid IP address Default off protec_t cp blank Appendix Parameter List Description Blocks the access to selected UDP ports TCP and UDP ports can be blocked at the same time Blocks the access to selected LAN interfaces network connection Printer and LAN interfaces can be blocked at the same time Blocks the access to selected printer interfaces printer connection Printer and LAN interfaces can be blocked at the same time Description Enables disables the locking of the sele
23. IP address the arp and ping commands cannot be used to save a new IP address However an IP address from the address range 169 254 0 0 16 which is reserved for ZeroConf can be overwritten by means of the arp and ping commands The arp command is used for editing the ARP table The ping command transfers a data packet containing the IP address to the hardware address of the TPR If the data packet has been successfully sent and received the TPR permanently saves the IP address The implementation of the arp and ping command depends on the system used Read the documentation for your operating system MI The ARP PING parameter has been enabled see gt 2126 Edit the ARP table Syntax arp s lt IP address gt lt hardware address gt Example arp s 192 168 0 123 00 c0 eb 00 01 ff Assign a new IP address to the TPR Syntax ping lt IP address gt Example ping 192 168 0 123 The separators within the hardware address that are used in this example correspond to the Windows platform 16 Administration Methods 2 Administration Methods You will get information on when to use these methods and which functions these methods support What information do e Administration via the TPR Control Center 2118 you need 20 ME e Administration via the InterCon NetTool gt e Administration via Email gt 22 e Administration via the Status R
24. Parameters for the Creation of Certificates Parameters Description Common name Is used to clearly identify the certificate It is advisable to use the IP address or the host name of the TPR to allow a clear assignment of the certificate to the TPR You can enter a maximum of 64 characters Email address Specifies an email address You can enter a maximum of 40 characters Optional Entry Organization name Specifies the company that uses the TPR You can enter a maximum of 64 characters Organizational Specifies the department or subsection of a company You unit can enter a maximum of 64 characters Optional Entry Location Specifies the locality where the company is based You can enter a maximum of 64 characters State name Specifies the state in which the company is based You can enter a maximum of 64 characters Optional Entry Domain component Allows you to enter additional attributes Optional Entry Country Specifies the country in which the company is based Enter the two digit country code according to ISO 3166 Examples DE Germany GB Great Britain US USA Issued on Specifies the date from which on the certificate is valid Expires on Specifies the date from which on the certificate becomes invalid Creating a Certificate Request for CA Certificates As a preparation for the use of a CA certificate a certificate request that has to be sent to the certification authority can be created in the TPR The c
25. must be specified ASCII is preset as data format O Specifying the Printing Function and the Data Format via the TPR Control Center gt 92 C Printing a Status Page via the TPR Control Center gt O Printing a Status Page via the Status Reset Button gt O O ES 3 93 93 ME mg Printing a Service Page via the TPR Control Center gt Printing a Service Page via the Status Reset Button gt 193 Specifying the Printing Function and the Data Format via the TPR Control Center Proceed as follows 1 Start the TPR Control Center Select MAINTENANCE Status page Select the desired data format from the Status page mode list Tick Printing Click Save amp Restart to confirm amp The settings are saved A AWN 92 TPR User Manual Maintenance Printing a Status Page via the TPR Control Center Proceed as follows 1 Start the TPR Control Center 2 Select MAINTENANCE Status page 3 Click Status page The status page is printed Printing a Status Page via the Status Reset Button You can print a status page via the status reset button of the device E Proceed as follows 1 Press the status reset button for a short time The status page is printed Printing a Service Page via the TPR Control Center Proceed as follows 1 Start the TPR Control Center 2 Select MAINTENANCE Status page 3 Click Service page The service page will
26. network 38 IP address 99 Local 38 Printer 39 Save 13 IPP connection 51 IPv4 26 IPv6 28 J Job history 94 Delete 95 Display 94 L Local service ports 40 LPD protocol 51 M MAC address 98 Masquerading 39 NAT 39 57 Notification Service 41 Email 42 SNMP Trap 42 Notification service 41 Notifications 41 P Parameter backup 85 Parameter list 100 Parameters Default settings 87 Display 84 Load 84 Load automatically 86 Appendix Index Parameter list 100 Save 84 Save automatically 86 Parameters file 83 85 Password 64 PEAP 80 Personal Printer 6 Personal Printing Client 6 Personal Printing encryption 7 45 Personal Printing printer 47 Personal Printing server 6 Check identity 46 Configure 44 Ping 54 pkes 12 73 POP3 32 Print Service page 93 Status page 93 Printer Connection status 54 ID 47 51 Internal network 39 Messages 56 Transfer method 51 Printer messages 56 Protocol BOOTP 14 DHCP 14 IPP 51 IPv4 26 IPv6 28 LPD 51 POP3 32 SMTP 33 SNMP 31 SSL TLS 61 ZeroConf 14 R RADIUS 76 RAW socket connection 51 Reset 87 125 TPR User Manual Restart 91 Root certificate 45 46 68 S S MIME certificate 69 Security 60 Security level 66 SEH Homepage 10 Self signed certificate 68 Service page 92 Data format 92 Print 93 Printer 92 SMTP 33 SNMP 56 SNMPv1 31 SNMPv3 31 SNMP trap 41 SNTP Server 36 Software 90 SSL TLS encryption Personal Printing 45 T
27. the resulting time difference including country specific particularities such as Daylight Saving Time can be handled by means of the Time zone parameter M A time server is integrated into the network Proceed as follows 1 Start the TPR Control Center 2 Select NETWORK Date Time 3 Tick Date Time 36 Network Settings 4 Enter the IP address or the host name of the time server into the Time server box A host name can only be used if a DNS server was configured beforehand 5 Select the code for your local time zone from the Time zone list 6 Click Save amp Restart to confirm amp The settings are saved TPR User Manual 37 Device Settings What information do you need Internal IP Network 4 Device Settings e How to Determine a Description gt B38 e How to Configure the Communication between the TPR and the Printer gt E38 e How to Define Local Service Ports gt 40 e How to Use the Notification Service 941 4 1 Howto Determine a Description You can assign freely definable descriptions to the TPR This gives you a better overview of the devices available in the network Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE Description 3 Enter freely definable names for Host name Description and Contact person 4 Click Save amp Restart to confirm The data is saved 4 2 Howto Configure the Communication between the TP
28. the TPR M The USB flash drive has been formatted correctly see gt E86 Proceed as follows 1 Start the TPR Control Center 2 Select MAINTENANCE USB device 3 Tick Parameter backup 4 Click Save amp Restart amp The settings are saved Loading the Parameter Values Automatically to a TPR M The USB flash drive has been formatted correctly see gt B86 MI A parameter file exists on the USB flash drive see Parameter Backup gt B85 Proceed as follows 1 Connect a USB flash drive to the USB port of the TPR amp The parameter values in the file are automatically applied to the TPR 86 What do you want TPR User Manual todo Maintenance 8 3 Howto Reset Parameters to their Default Values Reset It is possible to reset the parameters of the TPR to their default values factory settings All previously configured parameter values will be deleted in this process Installed certificates will not be deleted If you reset the parameters the IP address of the TPR may change and the connection to the TPR Control Center may be terminated You must reset the parameters for example if you have changed the location of the TPR and if you want to use the TPR in a different network Before this change of location you should reset the parameters to the default settings to install the TPR in another network Remove an attached USB flash drive before resetting the parameters If a parame
29. the TPR and the PRINS has ae actaneeactesercaeretesceneseheecasesseescicsesenes 4 3 How to Define Local Service Ports cc cece eee e ence eee eeee 4 4 How to Use the Notification Service 0 ccc cece cence eens 5 Personal Printing Settings c cece cece e cece eeees 5 1 How to Define the Personal Printing Server cec eens 5 2 How to Encrypt the Connection to the Personal Printing Server 5 3 How to Verify the Identity of the Personal Printing Server 5 4 How to Configure the Personal Printing Printer 5 TPR User Manual 6 ThinPrint SettingS sssssesesesesseesosesesoeese 49 6 1 How to Define the ThinPrint Port 0 ccc cece cece e eee eee 50 6 2 How to Define the Bandwidth 0 cece eee ete e teen ees 50 6 3 How to Embed the Printer 5 0 c0c0ccsccsccessccsdacpecseeeees 51 6 4 How to Define Timeouts j 02252 0046 60c2hSshesecessdesedeedincuals 53 6 5 How to Get Status Information on the Printer Connection 54 6 6 How to Get Printer MessageS cece cece cece cence cence eens 56 6 7 How to Use the ThinPrint Connection Service 00 eee eee 57 6 8 How Does the TPR Receive Encrypted Data ee eens 59 7 SOCUNLY jiaxciuiweieebeees deme nwen senna seks a eateries 60 7 1 How to Define the Encryption Level for SSL TLS Connections 61 7 2 How to Control the Access to the TPR Control Center
30. use the InterCon NetIool the program must be installed on a computer with a Windows operating system The installation file of the InterCon NetIool can be found on the SEH Computertechnik GmbH homepage http www seh technology com services downloads tpr html Proceed as follows 1 Start the InterCon NetTool installation file 2 Select the desired language 3 Follow the installation routine amp The InterCon NetTool will be installed on your client To start the program double click the InterCon NetIool icon SEN The icon is found on the desktop or the Windows start menu Start gt All Programs gt SEH Computertechnik GmbH gt InterCon NetTool The settings of the InterCon NetTool are saved in the NetTool ini file The file is stored in the directory Documents and Settings with the relevant user name 20 Administration Methods Structure ofthe After the program start you will see the main dialog with the InterCon NetToo following elements The dialog may vary depending on which elements you have chosen to be shown or hidden Menu bar Toolbar Device list S4 InterCon NetTool File Filter Actions Installation Search Extras Help TE TF IP Address v Version Protocol NetWare Name Al amp 192 168 000 204 14 0 16 IP ICODSADO a j B IP 010 168 000 000 Restart Default Settings Launch Browser IP Wizard Filter for the device list Shortcut menu Fig
31. 0 Defines the gateway address Gateway of the TPR Table 16 Parameter List IPv6 Parameters Value Default Description ipv6 on off on Enables disables the IPv6 IPv6 functionality of the TPR ipv6_auto on off on Enables disables the Automatic automatic assignment of the configuration IPv6 address for the TPR TPR User Manual 101 TPR User Manual Appendix Parameter List Parameters Value Default Description ipv6_addr nininin nin n n ee Defines a manually assigned IPv6 address IPv6 Unicast address in the n n n n n n n n format for the TPR Every n represents the hexadecimal value of one of the eight 16 bit elements of the address An IPv6 address may be entered or displayed using a shortened version when successive fields contain all zeros 0 In this case two colons are used ipv6_gate ninininin n n n ue Defines the IPv6 unicast Router address of the router The TPR sends its Router Solicitations RS to this router ipv6_plen 0 64 64 Defines the length of the Prefix length 2 characters 0 9 subnet prefix for the IPv6 address Address ranges are indicated by prefixes The prefix length number of bits used is added to the IPv6 address and specified as a decimal number The decimal number is separated by Table 17 Parameter List DNS Parameters Value Default Description dns on off on Enables disables the name DNS resolution via a DNS server dns_primary valid IP address 0
32. A SER ThinPrint Reader TPR 10 User Manual n SE Manufacturer SEH Computertechnik GmbH Suedring 11 33647 Bielefeld Germany Phone 49 0 521 94226 29 Fax 49 0 521 94226 99 Support 49 0 521 94226 44 Email info seh de Web http www seh de Document Type User Manual Title ThinPrint Reader Version 1 1 Online Links to Important Websites Support Contacts amp Information Sales Contacts amp Information Downloads http www seh technology com support http www seh technology com sales http www seh technology com services downloads tpr htm erCon is a registered trademark of SEH Computertechnik GmbH H Computertechnik GmbH has endeavored to ensure that the information in this documentation is correct If you detect any inaccuracies please inform us at the address indicated above SEH Computertechnik GmbH will not accept any liability for any error or omission The information in this manual is subject to change without notification Al rights are reserved Copying other reproduction or translation without the prior written consent from SEH Computertechnik GmbH is prohibited 2012 SEH Computertechnik GmbH Al trademarks registered trademarks logos and product names are property of their respective owners TPR User Manual Table of Contents 1 General Information ccc cece cece cece ce ceees 1 1 ThinPrint Reader es soasis dace waice vec
33. IPv6 3 Configure the IPv6 parameters see Table 3 gt B30 4 Click Save amp Restart to confirm The settings are saved 29 TPR User Manual Network Settings Table 3 IPv6 Parameters Parameters Description IPv6 Enables disables the IPv6 functionality of the TPR Automatic configuration Enables disables the automatic assignment of the IPv6 address for the TPR IPv6 address Defines a manually assigned IPv6 Unicast address in the n n n n n n n n format for the TPR Every n represents the hexadecimal value of one of the eight 16 bit elements of the address An IPv6 address may be entered or displayed using a shortened version when successive fields contain all zeros 0 In this case two colons are used Router Defines the IPv6 unicast address of the router The TPR sends its Router Solicitations RS to this router Prefix length Defines the length of the subnet prefix for the IPv6 address The value 64 is preset Address ranges are indicated by prefixes The prefix length number of bits used is added to the IPv6 address and specified as a decimal number The decimal number is separated by 3 3 Howto Configure the DNS DNS is a service that translates domain names into IP addresses Using DNS names can be assigned to IP addresses and vice versa If a DNS server is available in your network you can use DNS for your TPR If you use a domain name during the configuration process you must fir
34. ITY Authentication Select TTLS from the Authentication method ist Enter the user name and the password that are used for the configuration of the TPR on the RADIUS server Select the settings intended to secure the communication in the TLS channel To make the connection more secure you can also install the root certificate of the RADIUS server on the TPR gt B73 Click Save amp Restart to confirm The settings are saved 79 Benefits and Purpose Mode of Operation Requirements TPR User Manual Security Configuring PEAP PEAP Protected Extensible Authentication Protocol validates the identity of devices or users before they gain access to network resources You can configure the TPR for the PEAP network authentication This makes sure that the TPR gets access to protected networks In the case of PEAP compare EAP TTLS see gt 78 an encrypted TLS Transport Layer Security channel is established between the TPR and the RADIUS server Only the RADIUS server authenticates itself on the TPR using a certificate that was signed by a CA The TLS channel is then used to establish another connection that can be protected by means of additional EAP authentication methods e g MSCHAPv2 The advantage of this procedure is that only the RADIUS server needs a certificate Therefore no PKI is needed PEAP uses the advantages of TLS and supports various authentication methods including user passwords and on
35. N because the authentication to the TPR is done via a chip card All users of the TPR will get the same user PIN This PIN will be defined on the Personal Printing server and must be saved identically to the TPR Configure default user PIN e g SEH on the Personal Printing server for all users of the TPR The user PIN SEH is preset on the TPR Proceed as follows Start the TPR Control Center Select DEVICE Personal Printing Tick Personal Printing Specify the Personal Printing parameters see Table 10 gt 2144 Click Save amp Restart to confirm EaKRWN SD The setting will be saved Table 10 Personal Printing Parameters Parameters Description Server name Defines a Personal Printing server via the IP address or the host name The host name can only be used if a DNS server was configured beforehand Server port Defines the TCP port used by the TPR for communicating with the Personal Printing server The port number 80 is preset When using SSL enter 443 as port number gt 45 44 Procedure TPR User Manual Personal Printing Settings Parameters Description User PIN Defines the User PIN The specified User PIN and the User PIN in the user accounts of the Active Directory must be identical The preset user PIN is SEH 5 2 Howto Encrypt the Connection to the Personal Printing Server A secure connection between the Personal Printing server and the TPR can be achieved by usin
36. R and the Printer The TPR must be physically connected to the printer and the network Both devices build an internal local network in which the TPR has a second local IP address for the internal communication TPR User Manual 38 Masquerading NAT TPR User Manual Device Settings with the printer The internal DHCP server of the TPR automatically configures the IP address of the printer and the related parameters In order to connect the internal network to the external network the address information is rewritten via masquerading Masquerading is a type of NAT Network Address Translation This way data packets are forwarded by the TPR to the printer The TPR is integrated in a transparent way and the infrastructure as well as possibly existing output monitoring systems remain unaffected You can adjust the settings of the internal network Proceed as follows Start the TPR Control Center Select DEVICE TPR 10 Configure the printer parameters see Table 9 gt 39 Click Save amp Restart to confirm EaRWNS The settings are saved Table 9 Printer Configuration Parameters Description Local IP address Defines the IP address of the TPR for the internal communication The TPR and printer constitute an internal IP network The local IP address is the gateway to the printer IP address The subnet mask is 255 255 255 240 Printer IP address Defines the IP address of the printer for the internal communic
37. TTLS gt 78 O Configuring PEAP gt 80 O Configuring EAP FAST gt E81 76 Benefits and Purpose Mode of Operation Requirements Benefits and Purpose Mode of Operation TPR User Manual Security Configuring EAP MD5 EAP MDB5 validates the identity of devices or users before they gain access to network resources You can configure the TPR for the EAP MD5 network authentication This makes sure that the TPR gets access to protected networks EAP MD5 describes a user based authentication method via a RADIUS server The TPR must be defined as user with user name and password on a RADIUS server The authentication method EAP MD5 must then be enabled on the TPR and the user name and password need to be entered MI The TPR is defined as user with user name and password on a RADIUS server Proceed as follows 1 Start the TPR Control Center 2 Select SECURITY Authentication 3 Select MD5 from the Authentication method ist 4 Enter the user name and the password that are used for the configuration of the TPR on the RADIUS server 5 Click Save amp Restart to confirm amp The settings are saved Configuring EAP TLS EAP TLS Transport Layer Security validates the identity of devices or users before they gain access to network resources You can configure the TPR for the EAP TLS network authentication This makes sure that the TPR gets access to protected networks EAP TLS describe
38. ages containing a key public key and a signature The use of certificates allows for various security mechanisms Use certificates in the TPR 67 Which Certificates are available TPR User Manual Security e to encrypt the connection to the Personal Printing server see gt E45 e to check the identity of the Personal Printing server see gt 546 e to receive encrypted print data see gt 59 e to check the identity of the TPR in the network see Configuring EAP TLS gt 77 e to authenticate the TPR client if the administrative web access to the TPR Control Center is protected via HTTPS SSL TLS see gt 63 If you want to use certificates it is advisable to protect the administrative web access to the TPR Control Center by a password so that the certificate on the TPR cannot be deleted by unauthorized persons see gt 863 Both self signed certificates and CA certificates can be used with the TPR The following certificates can be distinguished e Self signed certificates have a digital signature that has been created by the TPR If a self signed certificate is used the ThinPrint server cannot print via SSL TLS The connection to the Personal Printing server and the verification of its identity are not possible A CA certificate is mandatory to print via SSL e CA certificates are certificates that have been signed by a certification authority CA e The authenticity of the CA certificat
39. also saves the IP address the service name and the offered services of each participant Proceed as follows 1 Start the TPR Control Center 2 Select NETWORK Bonjour 3 Configure the Bonjour parameters see Table 8 gt B36 4 Click Save amp Restart to confirm amp The setting will be saved 35 Benefits and Purpose UTC Time zone Requirements TPR User Manual Network Settings Table 8 Bonjour Parameters Parameters Description Bonjour Enables disables Bonjour Bonjour name Defines the Bonjour name of the TPR The TPR uses this name for its Bonjour services If no Bonjour name is entered the default name will be used device name I Cxxxxxx 3 7 Howto Configure the Device Time You can set the time of the TPR via a time server SNTP server in the network A timeserver is a computer networking device that reads the actual time from a reference clock and distributes this information to its clients In the TPR the time server is defined via the IP address or the host name If the time server is activated the ThinPrint print jobs that are handled by the TPR will get a time stamp Date and time are then displayed under 94 Job History The TPR uses UTC Universal Time Coordinated as a basis UTC is a reference time and used as a time standard The time received by the time server does not necessarily correspond to your local time zone Deviations from your location and
40. ann ee ee Q 8B S MIME certificate Not nstaled EN Fig 6 TPR Control Center Certificates TPR User Manual 69 What do you want TPR User Manual todo Security Displaying Certificates 170 Creating a Self Signed Certificate gt H170 Creating a Certificate Request for CA Certificates E171 Saving the CA Certificate on the TPR gt 72 Saving the Root Certificate on the TPR 173 Saving the pkcs 12 Certificate on the TPR gt 2173 Saving the S MIME Certificate on the TPR gt 74 Saving the Personal Printing Certificate on the TPR 9875 Deleting Certificates gt E75 OoOOaogooagaaoaaog Displaying Certificates Certificates installed on the TPR and certificate requests can be displayed and viewed Proceed as follows 1 Start the TPR Control Center 2 Select SECURITY Certificates 3 Select the certificate via the icon amp The certificate is displayed Creating a Self Signed Certificate If a self signed certificate has already been created on the TPR you must first delete the certificate see gt 75 Proceed as follows 1 Start the TPR Control Center Select SECURITY Certificates Click Self signed certificate Enter the relevant parameters see Table 14 9871 Click Install AR WN 70 TPR User Manual Security The certificate will be created and installed This may take a few minutes Table 14
41. ansmit error messages and queries for example ping If the option is enabled queries will be answered by the printer and not by the TPR TPR User Manual 107 Table 25 Parameter List Local Service Ports Parameters Value Default Appendix Parameter List Description httpd_port HTTP httpsd_port HTTPS snmp_port SNMP tpgPort ThinPrint TPR User Manual 1 65535 80 max 5 characters 0 9 1 65535 443 max 5 characters 0 9 1 65535 161 max 5 characters 0 9 1 65535 4000 max 5 characters 0 9 Defines the TCP port that is used by the TPR for HTTP during the network communication Defines the TCP port that is used by the TPR for HTTPS during the network communication Defines the TCP port that is used by the TPR for SNMP during the network communication Defines the TCP port used by the TPR for communicating with the ThinPrint server 108 TPR User Manual Table 26 Parameter List Personal Printing Parameters WELT Default pps on off on Personal Printing pps_server max 255 characters blank Server name a z A Z 0 9 pps_port 1 65535 80 Server port max 5 characters 0 9 pps_ssl on off off SSL connection pps_verify on off off Verify certificate pps_pwd max 32 characters SEH User PIN pps_prtlD 0 64 1 Printer ID max 2 characters 0 9 pps_single on off on Trigger print jobs separately Appendix Parameter Lis
42. asks the BOOTP host for the IP address and the host name The BOOTP host answers and sends a data packet containing the IP address The IP address is saved in the TPR DHCP The TPR supports DHCP which means that the IP address of the TPR can be assigned dynamically via a DHCP server MI The DHCP parameter has been enabled see gt 26 M A DHCP server is available in the network After the hardware installation the TPR asks a DHCP server for an IP address by means of a broadcast query The DHCP server identifies the TPR on the basis of its hardware address and sends a data packet to the TPR This data packet contains among others the IP address of the TPR the default gateway and the IP address of the DNS server The data is saved in the TPR 14 Requirements TPR User Manual General Information Auto Configuration IPv6 Standard The TPR can have an IPv4 address and several IPv6 addresses at the same time The IPv6 standard is used to automatically assign IP addresses in IPv6 networks When connected to an IPv6 network the TPR will automatically obtain an additional link local IPv6 address The TPR uses the link local IP address to search for a router The TPR sends so called Router Solicitations RS to the special multicast address FFO2 2 The available router will then return a Router Advertisement RA containing the required information With a prefix from the range of the globally unique address
43. ation The TPR and printer constitute an internal IP network The printer IP address and related parameters are set by the internal DHCP server of the TPR Masquerading Enables disables masquerading Masquerading is a type of NAT Network Address Translation In NAT all external IP addresses are translated to the local IP address ICMP Enables disables the routing of ICMP packets to the printer IP address In IP networks ICMP is used to transmit error messages and queries for example ping If the option is enabled queries will be answered by the printer and not by the TPR 39 Example TPR User Manual Device Settings 4 3 Howto Define Local Service Ports The TPR utilizes TCP ports for the data transfer in the network TCP ports are address components that are characterized by their port number Ports are used to establish connections and to assign data packets to the correct services Certain services HTTP HTTPS SNMP etc have permanently assigned ports You can specify port numbers for the following local services e HTTP Default 80 e HTTPS Default 443 e SNMP Default 161 e ThinPrint Default 4000 TCP ports that are configured as local service ports cannot be used for the communication with the printer Assign free port numbers to the local service ports in order to use the default TCP ports for the communication with the printer If you assign the port number 8080 to HTTP the printer ho
44. avigation bar top After selecting a menu item simple mouse click the available submenu items are displayed at the left After selecting a submenu item the corresponding page with its content is displayed at the right You can set the language via the menu item START Simply select the relevant flag The manufacturer s contact details and additional information regarding the product are displayed under Product amp Company The Sitemap provides an overview of and direct access to all pages of the TPR Control Center All other menu items refer to the configuration of the TPR They are described in the Online Help of the TPR Control Center To start the Online Help click the icon 19 Mode of Operation Installation Program Start TPR User Manual Administration Methods 2 2 Administration via the InterCon NetTool The software InterCon NetIool has been developed by SEH Computertechnik GmbH for the administration of SEH network devices TPR TPG print server etc Depending on the network device you can configure various features via the InterCon NetTool After the InterCon NetTool is started the network will be scanned for connected network devices The network range to be scanned is freely definable All network devices found will be displayed in the device list You can modify the device list and adopt it to your individual needs You can mark and configure the devices in the device list In order to
45. be printed Printing a Service Page via the Status Reset Button You can print a service page via the status reset button of the device Proceed as follows 1 Keep the status reset button pressed for five seconds The status page is printed 93 Maintenance 8 7 How to Display the Job History You can get information about the ThinPrint print jobs that have been sent to the TPR Only these print jobs are registered and shown in the job history A time server 136 must be configured on the TPR so that the date and time can be displayed correctly If no time server is configured the time stamp corresponds to the default time A maximum of 32 print jobs are displayed The first in first out method is applied from the 33rd print job onwards The saved print jobs will be deleted when the TPR is turned off or reset The print jobs can also be deleted manually The print jobs will not be deleted when the TPR is restarted What do you wantto I Displaying the job history E94 do O Deleting Print Jobs Manually gt 295 Displaying the job history Proceed as follows 1 Start the TPR Control Center 2 Select MAINTENANCE Job history The Job History is displayed The following information is shown in the Job History Information Description ID Identification number of the printer that has spooled the print job TPR User Manual 94 TPR User Manual Maintenance Information Description S
46. blank blank raw 9100 ipp lp1 off Ip1 on on Appendix Parameter List Description Defines the printer name for the ThinPrint AutoConnect feature Defines the printer class name for the ThinPrint AutoConnect feature Defines the printer driver for the ThinPrint AutoConnect feature Specifies the transfer method between the TPR and the printer Defines the port number for RAW socket printing Specifies the second part of the printer URL for IPP printing The implementation of the printer URL is depends on the manufacturer Consult your printer manual for more information Enables disables the SSL TLS encryption for IPP printing Defines the queue name for LPD printing Enables disables the RFC1179 conformity for LPD printing Enables disables monitoring via ping i e ICMP The ping query allows you to view the printer availability 113 TPR User Manual Appendix Parameter List Parameters Value Default Description monitorSNMP on off on Enables disables monitoring SNMP via SNMP The SNMP query shows printer messages monitorPoll 1 86400 30 Defines the interval of a ping Monitoring max 5 characters or SNMP query in seconds interval 0 9 prtLock on off off Enables disables the printer Device assignment The TPR can be assignment permanently assigned to the printer The TPR can then only be operated together with the assigned printer Tab
47. ccess via a password You can use a password to protect the TPR Control Center against unauthorized web access If a password is set only the start page of the TPR Control Center can be visited and displayed If you select a menu item you will be asked to enter a password You will also be asked to enter a non definable user name Leave this field blank at the password prompt Proceed as follows 1 Start the TPR Control Center Select SECURITY Device access In the web area enter a password into the Password box Repeat the password Click Save amp Restart to confirm The setting will be saved mA AWN 7 3 Howto Block Individual Ports The TPR cannot be attacked directly by viruses Attacks to open ports can have a certain influence on the TPR and affect its functions In order to prevent attacks to open ports you can block individual ports on the TPR You can configure for example short term blockings for current security problems worms etc or long term blockings of common ports for malware attacks Services e g printing via IPP port 632 can also be blocked by blocking their ports Local service ports gt 840 cannot be blocked Proceed as follows 1 Select SECURITY Port blocking 2 Enter the port number of the port to be blocked into the Port box 64 TPR User Manual Security 3 Enable the options for the blocking of the desired log types and interfaces Both log types and int
48. cted ports Enables disables the test mode The test mode allows you to test the parameters set using the access control If the test mode is activated the access protection remains active until the TPR is rebooted Specifies the port types to be locked TCP ports all ports IP ports Enables disables an exception from the port locking Defines elements that are excluded from port locking using the IP address 117 Appendix Parameter List Parameters hw_filter_on_1 hw_filter_on_8 MAC address hw_filter_1 hw_filter_8 MAC address Value on off valid hardware address Default off 00 00 00 00 00 0 0 Table 35 Parameter List Authentication Parameters auth_typ Authentication method auth_name User name auth_pwd Password auth_extern PEAP EAP FAST Options auth_intern Inner Authentication auth_ano_name Anonymous name Value None MD5 TLS TTLS PEAP FAST max 64 characters a z A Z 0 9 max 64 characters a z A Z 0 9 None PEAPLABELO PEAPLABEL1 PEAPVERO PEAPVER1 FASTPROV1 None PAP CHAP MSCHAPV2 EAP MD5 EAP TLS max 64 characters a z A Z 0 9 Default blank blank blank Description Enables disables an exception from the port locking Defines elements that are excluded from port locking using the hardware address Description Defines the authentication met
49. d phase describes the restart of the device e The third phase describes the printing of a status page The reset process can be checked by means of the status page IMPORTANT The reset mode is indicated by the green and red blinking of the activity LED The activity LED will then blink orange You must release the status reset button at this moment otherwise the TPR switches to the BIOS mode If this happens try the reset again 88 TPR User Manual Maintenance The phases are described in the following Phase 1 Reset Phase 2 Restart of the device Turn off the TPR interrupt the power supply Remove the network cable RJ 45 from the TPR ael Press and hold the status reset button Turn on the TPR establish the power supply The activity LED will then be permanently lit in orange After a few seconds the activity LED will alternatingly blink green and red Wait until the activity LED will blink orange Sa Release the status reset button for about 1 second 8 The activity LED alternatingly blinks green and red Press and hold the status reset button again The activity LED blinks orange twice mol Release the status reset button The activity LED blinks green ir Turn off the TPR interrupt the power supply _ Connect the network cable in RJ 45 to the TPR Turn on the TPR On establish the power supply iba Phase 3 Status chec
50. e all safety regulations and warnings found in the documentation on the device and on the packaging This will avoid potential misuse and prevent damages to people and devices SEH Computertechnik GmbH will not accept any liability for personal injuries property damages and consequential damages resulting from the non observance of the mentioned safety regulations and warnings Non observance will result in the warranty claims becoming void The TPR is used in TCP IP networks The TPR is an authentication hardware that allows you to use network printers as Personal Printing printers independent of printer make and model The TPR has been designed for use in office environments All uses of the device that do not comply with the TPR functionalities described in the documentation are regarded as improper uses It is not allowed to make modifications to the hardware and software or to try to repair the device Before starting the initial operation procedure of the TPR please note the safety regulations in the Quick Installation Guide The Quick Installation Guide is enclosed in the packaging Read and observe all warnings mentioned in this document Warnings are found before any instructions known to be dangerous They are presented as follows Warning 11 TPR User Manual General Information 1 5 First Steps This section provides all the information that you need for a fast operational readiness Proceed as follows
51. e can be verified by means of a so called root certificate issued by the certification authority The root certificate is stored on an authentication server in the network e Upon delivery a certificate the so called default certificate is stored in the TPR It is recommended that you replace the default certificate by a self signed certificate or CA certificate as soon as possible 68 Security e S MIME certificate S MIME certificates pem file are used to sign and encrypt the emails that are sent by the TPR The corresponding private key must be installed as an own certificate in the pkes 12 format as p12 file in the intended email program Thunderbird Outlook etc Only then can the emails be verified and displayed in the case of encryption e Personal Printing certificates are used to verify the identity of the Personal Printing server The following certificates can be installed at the same time in the TPR 1 Self signed certificate 1 CA certificate or pkes 12 certificate 1 Root certificate 1 S MIME certificate 1 Personal Printing certificate You can also generate a certificate request for a CA certificate All certificates can be deleted separately Existing certificates will be overridden when installing or generating new certificates A pkes 12 certificate can only be installed if there are currently no certificate requests or CA certificates installed Certificates status amp 8B 2
52. e configured on the TPR see gt 232 M A DNS server has been configured on the TPR see gt 4130 For the notification service you can specify up to two email recipients Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE Notification 3 Enter the email address of the recipient into the Email recipient box 4 Tick Status for the relevant recipient 41 Requirements TPR User Manual Device Settings 5 Specify the sending interval in the Status notification time area 6 Click Save amp Restart to confirm amp The settings are saved Configuring event notifications via email M SMTP parameters can be configured on the TPR see gt 232 M A DNS server has been configured on the TPR see gt 4130 For the notification service you can specify up to two email recipients and the message types Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE Notification 3 Enter the email address of the recipient into the Email recipient box 4 Tick the options with the desired message types 5 Click Save amp Restart to confirm amp The settings are saved Configuring event notifications via SNMP traps For the notification service you can specify up to two SNMP trap recipients and the message types Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE Notification 3 Enter the trap address of the recipient into the Trap target box
53. e time passwords MI The TPR is defined as user with user name and password on a RADIUS server Proceed as follows Start the TPR Control Center Select SECURITY Authentication Select PEAP from the Authentication method ist Enter the user name and the password that are used for the configuration of the TPR on the RADIUS server Select the settings intended to secure the communication in the TLS channel 6 To make the connection more secure you can also install the root certificate of the RADIUS server on the TPR gt B73 7 Click Save amp Restart to confirm The settings are saved T AUN n 80 Benefits and Purpose Mode of Operation Requirements TPR User Manual Security Configuring EAP FAST EAP FAST Flexible Authentication via Secure Tunneling validates the identity of devices or users before they gain access to network resources You can configure the TPR for the EAP FAST network authentication This makes sure that the TPR gets access to protected networks EAP FAST uses as in the case of EAP TTLS see gt 78 a channel in order to protect the data transfer The main difference is that EAP FAST does not require certificates for authentication purposes The use of certificates is optional PACs Protected Access Credentials are used to build the channel PACs are credentials that comprise up to three components e Ashared secret key that contains the preshared key betwe
54. en the TPR and the RADIUS server e An opaque element that is provided to the TPR and presented to the RADIUS server when the TPR wishes to obtain access to network resources e Other information that may be useful to the client Optional EAP FAST uses two methods to generate PACs e The manual delivery mechanism can be every mechanism that the administrator configures and considers to be safe for the network e n the case of the automatic delivery an encrypted channel is established in order to protect the authentication of the TPR as well as the delivery of the PACs MI The TPR is defined as user with user name and password on a RADIUS server 81 Man In The Middle Attack Protection TPR User Manual Security Proceed as follows 1 Start the TPR Control Center 2 Select SECURITY Authentication 3 Select FAST from the Authentication method ist 4 Enter the user name and the password that are used for the configuration of the TPR on the RADIUS server 5 Select the settings intended to secure the communication in the channel 6 Click Save amp Restart to confirm amp The settings are saved 7 7 How to Configure a Device Assignment During a man in the middle attack an invisible attacker joins the communication channel between two communication partners The attacker can view and manipulate the data traffic You can protect the communication channel between the TPR and the printer by means
55. ent for Trap target notifications trapcommu_1 max 64 characters public Defines the SNMP trap trapcommu_2 a z A Z 0 9 community of the recipient Trap community trappup on off off Enables disables the sending Restart of SNMP traps when the TPR is restarted trapcard on off off Enables disables the sending Cards of emails traps if a card event occurs at the TPR trapusb on off off Enables disables the sending USB of SNMP traps after a USB flash drive was connected to or removed from the TPR traperr on off off Enables disables the sending Problems of SNMP traps if a problem occurs at the TPR TPR User Manual 115 Appendix Parameter List Tabelle 31 Parameter List SSL connections Parameter Value Default Description security 1 4 2 Defines the encryption level to Encryption 1 character be used for SSL TLS connec tions 1 Low 56 bit 2 Medium 128 bit 3 High 128 256 bit 4 Compatible 40 256 bit Table 32 Parameter List Web access Parameters Value Default Description http_allowed on off on Defines the permitted type of HTTP HTTPS connection HTTP HTTPS to the TPR Control Center If HTTPS is exclusively chosen as the connection type http_allowed off the administrative access to the TPR Control Center is protected via SSL TLS http_pwd max 64 characters blank Defines the password for the Password a z A Z 0 9 administrative access to the TPR
56. er password used by the TPR to connect to the POP3 server TPR User Manual 33 Network Settings Configuring SMTP Proceed as follows Start the TPR Control Center Select NETWORK Email Configure the SMTP parameters see Table 7 gt 234 Click Save amp Restart to confirm ER wWNS The settings are saved Table 7 SMTP Parameters Parameters Description SMTP Server name Defines the name of the SMTP server SMTP Server port Defines the port number used by the TPR to send emails to the SMTP server The port number 25 is preset SMTP TLS Enables disables TLS The security protocol TLS Transport Layer Security is used to encrypt the transmission between the TPR and the SMTP server The cipher strength is defined via the encryption level gt E 61 SMTP Sender name Defines the email sender name to be used by the TPR SMTP Login Enables disables the SMTP authentication for the login SMTP User name Defines the user name for the SMTP authentication SMTP Password Defines the password for the SMTP authentication SMTP Security S MIME Enables disables the encryption and signing of emails via S MIME SMTP Signing emails Defines the signing of emails A signature created by the sender allows the recipient to verify the identity of the sender and to make sure that the email was not modified An S MIME certificate gt B 67 is required for the signing of emails SMTP Full encryption Defi
57. erfaces can be blocked at the same time 4 Click Save amp Restart to confirm The setting will be saved To block all TCP or IP ports see How to Control the Access to the TPR TCP Port Access Control gt E66 65 TCP Port Access Control Security Levels Exceptions Test Mode TPR User Manual Security 7 4 Howto Control the Access to the TPR TCP Port Access Control You can control the access to the TPR To do so various TCP port types on the TPR can be blocked Network elements with access rights can be defined as exceptions and excluded from blocking The TPR only accepts data packets from network elements defined as exceptions The port types to be blocked must be defined in the Security level area The following categorization can be selected e Lock TCP access locks TCP ports HTTP HTTPS e Lock all locks IP ports In order to exclude network elements e g clients DNS server SNTP server from port locking they must be defined as exceptions To do so the IP addresses or MAC addresses hardware addresses of the network elements with access rights must be entered in the Exceptions area Please note e MAC addresses are not delivered through routers e The use of wildcards allows you to define subnetworks The test mode allows you to check the configured access protection If the test mode is activated access protection remains active until the TPR is rebooted Afte
58. ertification authority will then create a CA certificate on the basis of the certificate request The certificate must be in base 64 format 71 Requirements TPR User Manual Security If a certificate request has already been created on the TPR it will be overwritten Proceed as follows 1 Start the TPR Control Center Select SECURITY Certificates Click Certificate request Enter the required parameters see Table 14 gt B71 Click Create a request The creation of the certificate request is in progress This may take a few minutes 6 Select Upload and save the requests in a text file 7 Click OK 8 Send the text file as certificate request to a certification authority When the CA certificate has been received it must be saved in the TPR see gt 72 AR WN Saving the CA Certificate on the TPR If a CA certificate has already been installed on the TPR it will be overwritten M A certificate request has been created at an earlier date see gt 271 M The certificate must be in base 64 format Proceed as follows 1 Start the TPR Control Center 2 Select SECURITY Certificates 3 Click Requested certificate 4 Click Browse 72 Requirements TPR User Manual Security 5 Specify the CA certificate 6 Click Install amp The CA certificate is saved in the TPR Saving the Root Certificate on the TPR The TPR offers a number of authentication methods to verify its iden
59. ervice cannot be reached allowed entry 1 60000 default 120 The connection status is displayed in the table ThinPrint status If the connection to the Connection Service was refused it is because a value client ID authentication key port or server name was entered incorrectly In this case verify and correct your settings and click Save amp Restart 58 TPR User Manual ThinPrint Settings 6 8 How Does the TPR Receive Encrypted Data A secure connection during the transfer of print jobs between ThinPrint server or Connection Service and the TPR is guaranteed by means of an SSL TLS encryption The cipher strength is defined via the encryption level gt B61 The ThinPrint server requests a certificate from the TPR By means of this certificate the ThinPrint server checks whether the TPR is authorized to receive the print data If an encryption was enabled on the ThinPrint server you must install a certificate from a corresponding Certification Authority both on the ThinPrint server and the TPR To authorize the TPR to receive encrypted print data proceed as follows e Create a certificate request see gt E171 e Save the CA certificate see gt 572 59 What information do you need TPR User Manual Security 7 Security The following security mechanisms can be configured and activated according to your demands e How to Define the Encryption Level for SSL TLS Connections gt
60. es the TPR can compose its own address It simply replaces the first 64 bits prefix FE80 with the prefix that was sent in the RA MI The IPv6 parameter has been activated MI The Automatic configuration parameter has been activated see gt 28 To configure the assignment of IPv6 addresses see gt 828 InterCon NetTool The InterCon NetTool has been developed by SEH Computertechnik GmbH for the administration of SEH network devices The IP Wizard of the InterCon NetTool helps you to configure the TCP IP parameters e g the IP address You can manually enter the desired IPv4 address and save it in the TPR using the IP Wizard To configure an IPv4 address via the InterCon NetTool see gt B26 TPR Control Center You can manually enter the desired IP address and save it in the TPR using the TPR Control Center T 26 28 e To configure an IPv4 address via the TPR Control Center see gt ME e To configure an IPv6 address via the TPR Control Center see gt 15 Requirements TPR User Manual General Information ARP PING The assignment of the IP address to the hardware address can be done via the ARP table The ARP table is an internal system file in which the assignment is temporarily saved about 15 min This table is administered by the ARP protocol By means of the arp and ping commands you can save the IP address in the TPR If the TPR already has an
61. es TLS The security protocol TLS Transport Layer Security is used to encrypt the transmission between the TPR and the SMTP server Defines the email sender name to be used by the TPR Enables disables the SMTP authentication for the login Defines the name used by the TPR to connect to the SMTP server Defines the password used by the TPR to connect to the SMTP server Enables disables the encryption and signing of emails via S MIME Defines the signing and encryption of emails Enables disables the attachment of a public key to an email 105 Appendix Parameter List Table 21 Parameter List Bonjour Parameters Value Default Description bonjour on off on Enables disables the Bonjour Bonjour service bonjour_name max 64 characters Default Defines the Bonjour name of Bonjour name a z A Z 0 9 Name the TPR Table 22 Parameter List Date Time Parameters Value Default Description ntp on off on Enables disables the use of a Date Time time server SNTP ntp_server max 255 characters pool ntp Defines a time server via the IP Time server a z A Z 0 9 org address or the host name A host name can only be used ifa DNS server was configured beforehand ntp_tzone UTC GMT EST CET CE The time zone is used to Time zone EDT CST CDT ST EU equalize the difference MST MDT PST between the time received PDT etc over the time server and the local time Table 23 Para
62. eset Button of the Device gt 524 TPR User Manual 17 Administration Methods 2 1 Administration via the TPR Control Center Which Functions Are The TPR Control Center comprises all features for the administration Supported of the TPR The TPR Control Center is stored in the TPR and can be displayed by means of a browser software Internet Explorer Firefox Safari Requirements M The TPR is connected to the network and the mains voltage M The TPR has a valid IP address Starting the TPR Control Center Proceed as follows 1 Open your browser 2 Enter the IP address of the TPR 10 as the URL amp The TPR Control Center appears in the browser If the TPR Control Center is not displayed check the proxy settings of your browser You can also start the TPR Control Center via the software tool InterCon NetTool Proceed as follows 1 Highlight the TPR in the device list 2 Select Actions Launch Browser from the menu bar amp The TPR Control Center appears in the browser TPR User Manual 18 Structure of the TPR Control TPR User Manual Center Administration Methods SEH TPR 10 Control Center 192 168 0 140 index_en htmi mAB NETWORK DEVICE SECURITY MAINTENANCE s TPR 40 ICOD1F0B E Deutsch ILE Fran ais E amp Espa ol BE italiano a Portugu s asa EE at EE gerr Le a30 Fig 1 TPR Control Center START The available menu items are located in the n
63. euaolev Meas Rhe tees veenskeas ees 1 2 DOCUMENTATION 0 ccc ccc ete eee ee ee eee ee eeeeeeees 1 3 Support and Service ccc ccc cece cece e nee teen ennennes 14 Your SaNCtYy one cect csk pacer ce eensteeh ETEO ETA E NERSE E ESE Wee First Steps rereana ediren aas a e E e eee ces 1 6 Saving the IP Address in the TPR ssssunssnnnssnnsssrenssennn 2 Administration Methods ccc cee cec ccc eevees 2 1 Administration via the TPR Control Center cc cece eee 2 2 Administration via the InterCon NetTool cece eee eee ee 2 3 Administration via Email 0 ccc cece cece eee eee e ee eeees 2 4 Administration via the Status Reset Button of the Device 3 Network SettingS ccc ccc cece eee e cece eee eseeeees 3 1 How to Configure IPv4 Parameters 0c ccc e eee e cece eee eees 3 2 How to Configure IPv6 Parameters 0c ccc eee n cece een eees 3 3 How to Configure the DNS cece eee ence eee een eens 3 4 How to Configure SNMP cece cece nen e nee e ee enneneees 3 5 How to Configure POP3 and SMTP cece eee cence een eees 3 6 How to Configure Bonjour cece cece cece een e eee e eee eee 3 7 How to Configure the Device Time ccc ccc cence eee eeee 4 Device Settings ciiiwisiw citer causes t TE ennaa Ea 4 1 How to Determine a Description cece cece ence e eens 4 2 How to Configure the Communication between
64. eveloped by SEH Computertechnik GmbH for the administration of SEH network devices within a predefined network The IP address is the unique address of each node in a network i e an IP address may occur only once on a local network The system administrator usually assigns the IP address The address must be saved in the TPR to make sure that it can be addressed within the network With the help of the subnet mask large networks can be split up into subnetworks In this case the user IDs of the IP addresses are assigned to the various subnetworks By default the TPR is configured for the use without subnetworks If you wish to use a subnetwork you can configure the relevant parameter via the TPR Control Center or the InterCon NetTool The TPR can be configured and monitored via the TPR Control Center The TPR Control Center is stored in the TPR and can be displayed by means of a browser software Internet Explorer Firefox Safari 99 What information do you need TPR User Manual 9 2 Parameter List Appendix Parameter List This chapter gives an overview of all parameters of the TPR The parameter list gives details about the functions and values of the individual parameters Parameter List IPv4 2101 Parameter List IPv6 E101 Parameter List DNS gt 8102 Parameter List SNMP E103 Parameter List POP3 E104 Parameter List SMTP 5105 Parameter List Bonj
65. f additional features of the TPR During the parameter backup the parameters file will be saved automatically on the USB flash drive and updated after a parameter change The file contains all parameter values of the TPR exception passwords The TPR will automatically take over the values contained in the parameters file on the USB flash drive This way the parameter values can be quickly and easily loaded to other TPR via a USB flash drive e g when configuring new devices To use the USB flash drive on the TPR the USB flash drive must have the correct file system You may have to format the USB flash drive if necessary During the formatting process all data on the USB flash drive will be permanently lost Whether formatting is required will be displayed under MAINTENANCE USB device status in the TPR Control Center O Formatting the USB Flash Drive gt B86 O Saving the Parameter Values Automatically gt 286 O Loading the Parameter Values Automatically to a TPR gt 86 85 Requirements Requirements Requirements TPR User Manual Maintenance Formatting the USB Flash Drive M A USB flash drive has been connected to the TPR Proceed as follows 1 Start the TPR Control Center 2 Select MAINTENANCE USB device 3 Click Formatting The USB flash drive will be formatted Saving the Parameter Values Automatically M A USB flash drive has been connected to
66. figure a different LPD queue name Depending on the configuration the printing behavior is either compliant to RFC1179 or resembles Microsoft LPD printing Your advantage When using the LPD protocol for data transfer additional print job attributes will be transferred and displayed in the job history gt 494 51 ThinPrint Settings The support of the transfer methods depends on the printer Consult your printer manual for more information Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE ThinPrint 3 Enter the printer parameters into the boxes see Table 12 gt 52 Select a transfer method for the printer Click Save amp Restart to confirm OEN amp The settings are saved Table 12 Printer Parameters Parameters Description ID The ID clearly identifies the printer for the ThinPrint server Printer Defines the printer name The printer name is purely a description and is used to distinguish the printers The printer can only use the ThinPrint AutoConnect feature if a printer name was defined If the printer supports SNMP the printer class is derived automatically via SNMP A freely definable description can be entered at any time and will override any automatically derived printer name Class Printers with compatible drivers can be arranged in one class In addition to the defining of the printer name you can also define a printer class if you want to use the ThinPrint
67. fore you can use a printer for Personal Printing you must first set up the printer on the Personal Printing server It will automatically get a printer ID The print jobs are assigned via the printer ID The printer that is connected to the TPR must then be integrated to the TPR To this purpose you must define the printer ID on the TPR The printer ID must be identical to the ID on the Personal Printing server You can configure various parameters to customize the print output Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE Personal Printing 3 Enter the ID of the connected printer into the Printer ID box 4 Specify the parameters for the print output see Table 11 gt B47 5 Click Save amp Restart to confirm amp The setting will be saved Table 11 Print Output Parameters Parameters Description Trigger print jobs Enables disables the release of one single print job per separately cardswipe If several print jobs are available they have to be released individually one after another Job deletion by server Enables disables the immediate deletion of printed jobs by the Personal Printing server This setting will override any settings for the deletion of printed jobs set on the Personal Printing server If neither the job deletion by server nor the job deletion by TPR is enabled printed jobs will be deleted as defined in the settings on the Personal Printing server TPR User Manual 47
68. functions A notice contains information that should be heeded The hand symbol marks the beginning of instructions Individual instructions are set in italics The arrow confirms the consequence of an action Hooks mark requirements that must be met before you can begin the action A square marks procedures and options that you can choose Eye catchers mark lists This sign indicates the summary of a chapter The arrow marks a reference to a page within this document In the PDF file you can jump to this page by clicking the symbol Established terms of buttons or menu items for example are set in bold Command lines are set in Courier font Proper names are put in inverted commas General Information 1 3 Support and Service Support If questions remain please contact our hotline SEH Computertechnik GmbH offers extensive support Monday through Thursday from 8 00 a m to 4 45 p m and Friday from 8 00 a m to 3 15 p m CET 49 0 521 94226 44 support seh de Current Services The following services can be found on the SEH Computertechnik GmbH homepage http www seh technology com e current firmware current tools current documentation current product information e product data sheet e and much more TPR User Manual 10 Intended Use Improper Use Safety Regulations Warnings TPR User Manual General Information 1 4 Your Safety Read and observ
69. g an SSL TLS encryption When querying print jobs the user data user ID user PIN etc will be transmitted in an encrypted way The cipher strength is defined via the encryption level gt 861 In this process the Personal Printing protocol which establishes the connection between the Personal Printing server and the TPR and transmits the data packets will be encrypted via SSL TLS This means that certificates are needed for the authentication A certificate from a matching CA Certification Authority must be installed both on the Personal Printing server and the TPR The Personal Printing server requests a CA certificate from the TPR By means of the related root certificate the CA certificate will be verified by the Personal Printing server To this purpose the root certificate must be stored on the Personal Printing server e Create a certificate request on the TPR see Creating a Certificate Request for CA Certificates 5171 e Create a CA certificate using the certificate request and the certification authority e Install the CA certificate on the TPR see Saving the CA Certificate on the TPR 172 e Install the root certificate of the certification authority on the Personal Printing server e Enable the SSL TLS encryption on the TPR 45 Requirements Requirements TPR User Manual Personal Printing Settings MI The port number of the Personal Printing server is set to 443 see gt E44
70. hinPrint 59 Status email 41 Status page 92 Data format 92 Print 92 Printer 92 Status reset button 24 88 Print service page 93 Print status page 93 Resetting parameters 88 Subnet mask 99 Support 10 System requirements 7 T TCP port access control 66 TCP IP 26 Test mode 66 ThinPrint Client 6 ThinPrint Connection Service 7 Appendix Index Configuring 57 ThinPrint encryption 7 59 ThinPrint Engine 6 ThinPrint port 50 Time of the device 36 Time server 36 Time zone 36 TPR Control Center 18 99 Language 19 Start 18 Structure 19 Transfer methods 51 Types of connection 63 U Update 90 USB device 85 Format 86 Parameter backup 85 UTC 36 V Version number 90 Ww Web access 63 Web connection types Define 63 Z ZeroConf 14 126
71. hod that is used to identify devices or users in the network Defines the name of the TPR as saved in the authentication server RADIUS Defines the password of the TPR as saved in the authentication server RADIUS Defines the kind of external authentication for the EAP authentication methods TTLS PEAP and FAST Defines the kind of inner authentication for the EAP authentication methods TTLS PEAP and FAST Defines the anonymous name for the unencrypted part of the EAP authentication methods TTLS PEAP and FAST TPR User Manual 118 Parameters Value auth_wpa_addon WPA add on a z A Z 0 9 Table 36 Parameter List USB device Parameters Value Default autoSync on off on Parameter backup Table 37 Parameter List Status page Parameters Value Default spage on off on Status page spMode ASCII ASCII Status page PostScript mode DATAMAX Citizen Z TPR User Manual Default max 255 characters blank Appendix Parameter List Description Specifies an optional WPA expansion Description Enables disables the automatic parameter backup to a connected USB flash drive Description Enables disables the printing of status and service pages on the printer The print job can be triggered by pressing the status reset button on the device or by clicking the corresponding button in the TPR Control Center Defines the data format in which the status page is p
72. ich the print job has been sent to the TPR Size Size in Kb of the print job Duration The time needed by the TPR for processing the print job Deleting Print Jobs Manually Proceed as follows 1 Start the TPR Control Center 2 Select MAINTENANCE Job history 3 Click Delete All print jobs listed in the job history will be deleted 95 What information do you need TPR User Manual 9 Appendix Appendix e Glossary gt 97 e Parameter List gt B100 e Troubleshooting gt E120 e List of Figures gt 8123 e Index 92124 96 What information do you need Default Name TPR User Manual Appendix Glossary 9 1 Glossary The glossary contains information about manufacturer specific software solutions and terms from the world of network technology Manufacturer Specific Software Solutions e InterCon NetTool gt 399 e TPR Control Center gt 899 Network Technology e Default Name 597 e Gateway gt B98 e Hardware Address gt 98 e Host Name gt B98 e IP Address gt 99 e Subnet Mask gt 99 The default name of the TPR is made up of the two letters IC and the device number The device number consists of the last six numbers of its hardware address Default name pts IC0001 ff Device number The default name can be found in the TPR Control Center the InterCon NetTool on the status or
73. ick Installation Guide RY lt Information about security hardware installation and the e initial operation procedure Online Help TPR Control Center The Online Help contains detailed information about how to use the TPR Control Center Online Help InterCon NetTool The Online Help contains detailed information about how to use the software tool InterCon NetTool This documentation has been designed as an electronic document for screen use Many programs e g Adobe Reader offer a bookmark navigation feature that allows you to view the entire document structure This document contains hyperlinks to the associated information units If you want to print this documentation we recommend using the printer setting Duplex or Booklet The explanation of technical terms used in this document is summarized in a glossary The glossary provides a quick overview of technical matters and background information see gt 97 A variety of symbols are used within this document Their meaning is listed in the following table TPR User Manual General Information Table 1 Conventions within the documentation Symbol Convention A _ Warning Note Proceed as follows 1 Mark Confirmation M Requirements O Option e DE Bold Coulmier Proper names Description A warning contains important information that must be heeded Non observance may lead to mal
74. inter objects for the relevant client on the server AutoConnect will automatically connect all selected printers on the server with a ThinPrint port provided that templates exist e The ThinPrint Connection Service allows you to print to ThinPrint clients that are found behind a firewall for example This allows the connection via masked networks as well as the assignment of the relevant print job to the respective end device e By means of the ThinPrint SSL TLS encryption the print data is protected during the transmission and will be decrypted by the ThinPrint clients or gateways before printing System The TPR has been designed for the use in TCP IP based networks A Requirements Personal Printing server must be integrated within the network The network printers involved must support RAW or socket printing printing via TCP IP ports IPP printing or LPD printing When using the ThinPrint function a ThinPrint Server needs to be integrated within the network If you want to use ThinPrint or the ThinPrint Connection Service you need the relevant licenses TPR User Manual 7 Structure of the Documentation Document Features Terminology Used in this Document Symbols and Conventions TPR User Manual General Information 1 2 Documentation The TPR documentation consists of the following documents amp User Manual L Detailed description of the TPR configuration and i administration User Documentation Qu
75. is sent to the communicating party A cipher suite is agreed upon that will be used later on The strongest cipher suite that is supported by both parties will be used by default If there is no cipher suite that is supported by both parties no SSL TLS connection will be established The communicating parties of the TPR e g browser must support the cipher suites of the selected encryption level in order to successfully establish a connection When problems occur select a different level or reset the parameters of the TPR see gt B87 61 Security The following encryption levels can be selected e Compatible Cipher suites with an encryption of 40 to 256 bit will be used e Low Only cipher suites with a low encryption of 56 bit will be used Fast connection e Medium Only cipher suites with an encryption of 128 bit will be used e High Only cipher suites with a strong encryption of 128 to 256 bit will be used Slow connection Proceed as follows Start the myUTN Control Center Select SECURITY SSL connections Select the desired encryption level from the Encryption area Click Save amp Restart to confirm The setting will be saved aj aN WH gt S Detailed information about the individual SSL connection status e g cipher suites can be found on the Details page at SSL connection status Details TPR User Manual 62 What do you want to do Types of Connection HTTP HTTPS TPR User Manual
76. ject line see Syntax and Format of an Instruction gt B22 5 Send the email The TPR receives the email and carries out the instruction Note the following syntax for instructions in the subject line cmd lt command gt lt comment gt 22 Security with TAN Parameter Changes TPR User Manual Administration Methods The following commands are supported Commands Option Description lt command gt get status Sends the status page of the TPR get parameters Sends the parameter list of the TPR set parameters Sends parameters to the TPR The syntax and values can be obtained from the parameter list see gt B 100 Parameter and value must be entered into the email body update TPR Carries out an automatic update using the software that is attached to the email help Sends a page containing information about the remote maintenance lt comment gt Freely definable text for descriptions The following applies for the instructions e not case sensitive e one or more space characters are allowed e max length is 128 byte e only the ASCII format can be read You will need a TAN for updates or parameter changes on the TPR You will get a current TAN from the TPR via email e g when receiving a status page Enter the TAN into the first line of the email body A space character must follow Parameter changes are integrated into the email body with the following syntax lt parameter gt
77. k Press and hold the status reset button for a short time The status page is printed 89 What Happens during an Update When is an Update recommended Where do I Find the Update Files TPR User Manual Maintenance 8 4 Howto Perform an Update You can carry out software and firmware updates on the TPR Updates allow you to benefit from currently developed features In the course of an update the old firmware software will be overwritten and replaced by the new firmware software The parameter default settings of the device remain unchanged An update should be undertaken if function do not work properly and if SEH Computertechnik GmbH has released a new software or firmware version with new functions or bug fixes Check the installed software and firmware version on the TPR You will find the version number on the TPR Control Center homepage or in the product list in the InterCon NetTool Current firmware and software files can be downloaded from the homepage of SEH Computertechnik GmbH http www seh technology com services downloads tpr html Every update file has its own readme file Take note of the information contained in the readme file Proceed as follows Start the TPR Control Center Select MAINTENANCE Update Click Browse Select the update file Click Install The update is executed The TPR will be restarted aA WN gt 90 Maintenance 8 5 Howto Restart the TPR
78. le 30 Parameter List Notification Parameters Value Default Description mailto_1 valid email address blank Defines the email address of mailto_2 max 64 characters the recipient for notifications Mail recipient noti_pup_1 on off off Enables disables the sending noti_pup_2 of emails when the TPR is Restart restarted noti_stat_1 on off off Enables disables the noti_stat_2 periodical sending of a status Status email to recipient 1 or 2 notistat_d al daily al Specifies the interval at which Interval su Sunday a status email is sent mo Monday tu Tuesday we Wednesday th Thursday fr Friday sa Saturday notistat_h 1 1 Hour 0 Specifies the time at which a hh 2 2 Hour status email is sent 3 3 Hour etc 114 Appendix Parameter List Parameters Value Default Description notistat_tm 0 00 min 0 Specifies the time at which a mm 1 10 min status email is sent 2 20 min 3 30 min 4 40 min 5 50 min 6 00 min noti_card_1 on off off Enables disables the sending noti_card_2 of emails traps if a card event Cards occurs at the TPR noti_usb_1 on off off Enables disables the sending noti_usb_2 of emails after a USB flash USB drive was connected to or removed from the TPR noti_err_1 on off off Enables disables the sending noti_err_2 of emails if a problem occurs Problems at the TPR trapto_1 valid IP address 0 0 0 0 Defines the SNMP trap trapto_2 address of the recipi
79. lues included in the file will be taken over by the device O Displaying Parameter Values S284 O Saving the Parameter File gt 284 O Loading the parameters file to a TPR gt 84 83 TPR User Manual Maintenance Displaying Parameter Values Proceed as follows 1 Start the TPR Control Center 2 Select MAINTENANCE Parameter backup 3 Click the icon amp amp The current parameter values are displayed A detailed description of the parameters can be found in the Parameter List 100 Saving the Parameter File Proceed as follows 1 Start the TPR Control Center 2 Select MAINTENANCE Parameter backup 3 Click the icon The current parameter values are displayed 4 Save the parameters file on a local system with the help of your browser amp The parameter file is copied and secured Loading the parameters file to a TPR Proceed as follows Start the TPR Control Center Select MAINTENANCE Parameter backup Click Browse Specify the parameters file Click Import The parameter values in the file are applied to the TPR AAR WN gt 84 Parameter Backup Formatting What do you want to TPR User Manual do Maintenance You can also automatically load a parameters file from a USB flash drive to a TPR see gt B85 8 2 Howto Use a Connected USB Device You can connect a USB flash drive to the USB port of the TPR to make use o
80. mepage is displayed when entering the IP address of the TPR into the browser To open the TPR Control Center add the port number to the IP address lt IP address gt 8080 In the InterCon NetTool the TPR appears as printer Type column Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE TPR 10 3 Enter the port numbers into the relevant boxes in the Local services ports area 4 Click Save amp Restart to confirm The settings are saved 40 What do you want to do Requirements TPR User Manual Device Settings 4 4 Howto Use the Notification Service You can get notifications in the form of emails or SNMP traps from the TPR By means of these notifications up to four email recipients can be informed about various events irrespective of time and location The following message types are possible e The status email periodically informs the recipient about the status of the TPR e The event notification informs you about a specific event on the TPR via email or SNMP trap The event can be The restart of the TPR A card event on the TPR The connection or disconnection of a USB flash drive to from the TPR A problem with the TPR O Configuring the sending of status emails gt 241 O Configuring event notifications via email gt 542 O Configuring event notifications via SNMP traps gt 2142 Configuring the sending of status emails M SMTP parameters can b
81. meter List Description Parameters Value Default Description sys_name max 64 characters blank Defines the host name of the Host name a z A Z 0 9 TPR sys_descr max 64 characters blank Freely definable description of Description a z A Z 0 9 the TPR sys_contact max 64 characters blank Freely definable description of Contact person a z A Z 0 9 the contact person TPR User Manual 106 Appendix Parameter List Table 24 Parameter List TPR 10 Parameters Value Default Description nat_local valid IP address 192 168 Defines the IP address of the Local IP address 156 156 TPR for the internal 28 communication The TPR and printer constitute an internal IP network The local IP address is the gateway to the printer IP address The subnet mask is 255 255 255 240 nat_remote valid IP address 192 168 Defines the IP address of the Printer IP 156 157 printer for the internal address 28 communication The TPR and printer constitute an internal IP network The printer IP address and related parameters are set by the internal DHCP server of the TPR nat_src on off off Enables disables Masquerading masquerading Masquerading is a type of NAT Network Address Translation In NAT all external IP addresses are translated to the local IP address nat_icmp on off on Enables disables the routing of ICMP ICMP packets to the printer IP address In IP networks ICMP is used to tr
82. n method of the SNMP user group 2 Description Enables disables the POP3 functionality Defines the name of the POP3 server Defines the port of the POP3 server used by the TPR for receiving emails When using SSL TLS enter 995 as port number Defines the authentication method to be used Defines the time interval in minutes for retrieving emails from the POP3 server Defines the maximum email size in Kbyte to be accepted by the TPR Defines the name used by the TPR to log on to the POP3 server Defines the password used by the TPR to log on to the POP3 server 104 TPR User Manual Table 20 Parameter List SMTP Parameters Value Default Appendix Parameter List smtp_srv Server name smtp_port Server port smtp_ssl TLS smtp_sender Sender name smtp_auth Login smtp_usr User name smtp_pwd Password smtp_sign Security S MIME smtp_encrypt Full encryption Signing of emails smtp_attpkey Attach public key max 128 characters 1 65535 max 5 characters 0 9 on off max 128 characters on off max 128 characters max 128 characters on off on off off sign on encrypt on off blank 25 off blank off blank blank off off on Description Defines the name of the SMTP server Defines the port number used by the TPR to send emails to the SMTP server Enables disabl
83. n IP address via ZeroConf from the address range 169 254 0 0 16 which is reserved for ZeroConf Once the TPR 10 has automatically received an IP address via a boot protocol you can save a freely definable IP address in the TPR 10 The assigned IP address of the TPR can be determined and modified via the software tool InterCon NetTool Assign the former IP address of the printer to the TPR 10 Configure the printer to DHCP if you fail to do so there will be no functionality Different methods for the assignment of the IP address are described in the following e ZeroConf gt 14 e BOOTP 914 e DHCP gt 814 e Auto Configuration IPv6 Standard gt 815 e InterCon NetTool gt 15 e TPR Control Center gt 15 e ARP PING gt 16 13 Requirements Requirements TPR User Manual General Information ZeroConf If no IP address can be assigned via boot protocols the TPR assigns itself an IP address via ZeroConf For this purpose the TPR picks an IP address at random from the address range 169 254 0 0 16 which is reserved for ZeroConf You can use the domain name service of Bonjour for the name resolution of the IP address see gt B35 BOOTP The TPR supports BOOTP which means that the IP address of the TPR can be assigned via a BOOTP server MI The BOOTP parameter has been enabled see gt B26 MI A BOOTP server is available in the network If the TPR is connected it
84. n IPv6 address must be enclosed in brackets This prevents port numbers from being mistakenly regarded as part of an IPv6 address Example http 2001 608 af 1 100 443 28 Which Types of IPv6 Addresses are available TPR User Manual Network Settings The URL will only be accepted by browsers that support IPv6 There are different types of IPv6 addresses The prefixes of the IPv6 addresses provide information about the IPv6 address types e Unicast addresses can be routed globally These addresses are unique and therefore unambiguous A packet that is sent to a unicast address will only arrive to the interface that is assigned to this address Unicast addresses have the prefixes 2 or 3 Anycast addresses are assigned to more than one interface This means that a data packet that is sent to this address will arrive at various devices The syntax of anycast addresses is the same as the one of unicast addresses The difference is that anycast addresses choose one interface out of many A packet that is dedicated to an anycast address arrives at the nearest interface in line with the router metrics Anycast addresses are only used by routers Multicast addresses allow you to send data packets to different interfaces at the same time without a proportional increase of the bandwidth A multicast address can be recognized by the prefix ff Proceed as follows 1 Start the TPR Control Center 2 Select NETWORK
85. n and encrypt the emails that are sent by the TPR 2 Na Ua a Im o If an S MIME certificate has already been installed on the TPR it will be overwritten M The certificate must be in base 64 format Proceed as follows 1 Start the TPR Control Center Select SECURITY Certificates Click S MIME certificate Click Browse Specify the S MIME certificate Click Install The S MIME certificate will be saved on the TPR AMA WK 74 Security Saving the Personal Printing Certificate on the TPR Personal Printing certificates are used to verify the identity of the Personal Printing server gt 46 If a Personal Printing certificate has already been installed on the TPR it will be overwritten Requirements M The certificate must be in base 64 format Proceed as follows 1 Start the TPR Control Center Select SECURITY Certificates Click Personal Printing certificate Click Browse Specify the Personal Printing certificate 6 Click Install amp The Personal Printing certificate will be saved on the TPR aw WN Deleting Certificates Proceed as follows 1 Start the TPR Control Center 2 Select SECURITY Certificates 3 Select the certificate to be deleted via the icon amp The certificate is displayed 4 Click Delete amp The certificate is deleted TPR User Manual 75 What is IEEE 802 1x What is EAP What is RADIUS What do you want TPR User Man
86. nes the encryption of emails Only the recipient can open and read the encrypted email An S MIME certificate E67 is required for the encryption TPR User Manual 34 TPR User Manual Network Settings Parameters Description SMTP Attach public key Sends the public key together with the email Many email clients require the public key to be attached in order to view the emails 3 6 Howto Configure Bonjour Bonjour allows the automatic recognition of computers devices and network services in TCP IP based networks The TPR uses the following Bonjour functions e Checking the IP address assigned via ZeroConf e Assignment of host names to IP addresses e Location of server services without knowledge of the device s host name or IP address When checking the IP address assigned via ZeroConf see ZeroConf gt 14 the TPR sends a query to the network If the IP address has already been assigned elsewhere in the network the TPR will receive a message The TPR then sends another query with a different IP address If the IP address is available it is saved in the TPR The domain name service is used for additional Bonjour features Since there is no central DNS server in Bonjour networks each device and application has its own small DNS server This integrated DNS server mDNS collects and administers the information of all participants in the net In addition to the features of a classical DNS server the mDNS server
87. nter should be aborted It is advisable to abort a connection attempt if the printer is not physically available for the TPR and the ThinPrint port is to be freed for subsequent print jobs for example The Job send timeout parameter specifies the period of time in seconds after which a current print job should be aborted It is advisable to abort a print job if the print job cannot be executed due to a printer error for example no paper Both timeouts cause the print jobs to be deleted In pure ThinPrint printing an error message is also sent to the ThinPrint server No error message is sent to the ThinPrint server when printing takes place via the Connection Service 53 What do you want todo TPR User Manual ThinPrint Settings Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE ThinPrint 3 In the Printer connection timeout and Job sending timeout fields enter the periods of time in seconds after which the timeouts should take effect 0 s off Click Save amp Restart to confirm The settings are saved A 6 5 How to Get Status Information on the Printer Connection You can view the connection statuses of the embedded printer The following connection statuses can be displayed Connection Status Description Time out No connection to the printer at present A connection was available at an earlier stage reachable A connection to the printer is available at
88. of a device assignment and thus prevent a man in the middle attack During the device assignment a TPR is permanently assigned to the network printer The TPR can then only be operated in combination with the assigned network printer The data traffic cannot be controlled via an intermediate attacker and thus is protected Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE ThinPrint printer 3 Tick Device Assignment 4 Click Save amp Restart to confirm amp The settings are saved 82 What information do you need What do you want to do TPR User Manual Maintenance 8 Maintenance e How to Secure the TPR Parameters Backup gt 83 e How to Use a Connected USB Device 185 e How to Reset Parameters to their Default Values Reset gt 887 e How to Perform an Update gt 890 e How to Restart the TPR gt 891 e How to Print a Status or Service Page 12192 e How to Display the Job History gt 94 8 1 How to Secure the TPR Parameters Backup All parameter values of the TPR exception passwords are saved in the parameters file You can save the parameters file as backup copy on your local client This allows you to get back to a stable configuration status at any time You can edit the parameter values of the copied file using a text editor Afterwards the configured file can be downloaded to a TPR The parameter va
89. om a mail server POP3 is required in the TPR to administer the TPR via email 32 Network Settings SMTP SMTP Simple Mail Transfer Protocol is a protocol that controls the sending of emails in networks SMTP is required in the TPR to administer the TPR via email and to run the notification service mg 33 O Configuring SMTP gt 34 What do youwant I Configuring POP3 gt to do T Configuring POP3 Proceed as follows Start the TPR Control Center Select NETWORK Email Configure the POP3 parameters see Table 6 gt Click Save amp Restart to confirm 33 ERwNS The settings are saved Table 6 POP3 Parameters Parameters Description POP3 Enables disables the POP3 functionality POPS Server name Name of the POP3 server POPS Server port Defines the port used by the TPR for receiving emails The port number 110 is preset When using SSL TLS enter 995 as port number POP3 Security Defines the authentication method to be used APOP SSL TLS When using SSL TLS the cipher strength is defined via the encryption level gt B61 POP3 Check mail every Defines the time interval in minutes for retrieving emails from the POP3 server POP3 Ignore mail Defines the maximum email size in Kbyte to be exceeding accepted by the TPR 0 unlimited POP3 User name Defines the user name used by the TPR to connect to the POP3 server POP3 Password Defines the us
90. on O Configuring an SNMP Query via the TPR Control Center gt 256 O Displaying Printer Status Messages via the TPR Control Center gt 56 Configuring an SNMP Query via the TPR Control Center MI The printer supports SNMP Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE ThinPrint printer 3 Tick SNMP 4 Enter the interval in seconds into the Monitoring interval box 5 Click Save amp Restart to confirm amp The settings are saved Displaying Printer Status Messages via the TPR Control Center Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE ThinPrint printer The printer messages will be displayed under ThinPrint printer status in the Status row 56 TPR User Manual ThinPrint Settings 6 7 Howto Use the ThinPrint Connection Service The ThinPrint Connection Service sends print jobs via TCP IP to ThinPrint clients i e the TPR in masked networks NAT The Connection Service manages the entire communication between the ThinPrint server and the corresponding client This allows the connection via masked networks as well as the assignment of the relevant print job to the respective end device To use this service you must prepare the TPR For each end device that uses the Connection Service you must store the client ID and an authentication key in the database of the Connection Service You must also set these two value
91. onal Printing server This setting will override any settings for the deletion of printed jobs set on the Personal Printing server If neither the job deletion by server nor the job deletion by TPR is enabled printed jobs will be deleted as defined in the settings on the Personal Printing server Enables disables the deletion of printed jobs by the TPR The time of deletion can be defined via the delay This setting will override any settings for the deletion of printed jobs set on the Personal Printing server If neither the job deletion by server nor the job deletion by TPR is enabled printed jobs will be deleted as defined in the settings on the Personal Printing server Defines a delay in seconds for the deletion of printed jobs by the TPR A delay assures the complete transfer to the printer and printout of the print job Enables disables the audio feedback Audio signals give information about the triggering of print jobs 110 TPR User Manual Table 27 Parameter List ThinPrint Parameters Value Default Appendix Parameter List Description tpgPort ThinPrint port tpgBdwidth Bandwidth tpgBdwidthVal Bandwidth value tpgPrtoToVal Printer connection timeout tpgJobSndTout Job sending timeout 1 65535 max 5 characters 0 9 4000 on off off 1600 1000000 at least 4 characters max 7 characters 0 9 256000 0 86400 60 max 5 character
92. our gt B106 Parameter List Date Time 5106 Parameter List Description gt 106 Parameter List TPR 10 E 107 Parameter List Local Service Ports 1108 Parameter List Personal Printing 109 Parameter List ThinPrint 2111 Parameter List ThinPrint Connection Service 58112 Parameter List ThinPrint printer 8113 Parameter List Notification gt 2114 Parameter List SSL connections 2116 Parameter List Web access gt Parameter List Port Blocking E117 Parameter List Authentication E116 116 MF gt 8118 Parameter List USB device B119 Parameter List Status page 8119 100 Appendix Parameter List lt gt To view the current parameter values of your TPR see Displaying Parameter Values B84 and How to Print a Status or Service Page gt 892 Table 15 Parameter List IPv4 Parameters Value Default Description ip_dhcp on off on Enables disables the DHCP DHCP protocol ip_bootp on off on Enables disables the BOOTP BOOTP protocol ip_auto on off on Enables disables the IP ARP PING address assignment via ARP PING ip_addr valid IP address 169 254 Defines the IP address of the IP address 0 0 16 TPR ip_mask valid IP address 255 255 Defines the subnet mask of Subnet mask 0 0 the TPR ip_gate valid IP address 0 0 0
93. present unreachable No connection to the printer so far Unknown The connection status to the printer cannot be determined l aaam In order to get the connection status you must configure a ping query O Configuring a ping Query via the TPR Control Center gt 55 O Displaying the Printer Connection Status via the TPR Control Center gt E55 54 TPR User Manual ThinPrint Settings Configuring a ping Query via the TPR Control Center Proceed as follows 1 Aw N 5 Start the TPR Control Center Select DEVICE ThinPrint printer Tick Monitoring via ping Enter the interval in seconds into the Monitoring interval box Click Save amp Restart to confirm amp The settings are saved Displaying the Printer Connection Status via the TPR Control Center Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE ThinPrint printer The printer connection status is displayed under ThinPrint printer status in the Status row 55 What do you want to do Requirements TPR User Manual ThinPrint Settings 6 6 How to Get Printer Messages You can view printer error messages Paper empty Offline Paper jam etc and printer status messages idle printing warming up etc In order to get printer messages you must configure an SNMP query beforehand Not all printers support SNMP Consult your printer manual for more informati
94. r restarting the protection is no longer effective The test mode option is activated by default After a successful test you must deactivate the test mode so that access protection remains permanently active 66 What are Certificates Benefits and Purpose TPR User Manual Security Proceed as follows 1 Start the TPR Control Center 2 Select SECURITY TCP port access 3 Tick Port access control 4 5 Select the desired protection in the Security level area In the Exceptions area define the network elements which are excluded from port blocking Enter the IP or MAC addresses and tick the options 6 Make sure that the test mode is enabled 7 Click Save amp Restart to confirm The settings are saved The port access control is activated until the device is restarted 8 Check the port access and configurability of the TPR If the TPR can no longer be reached using the TPR Control Center restart the device see 5191 9 Clear Test mode 10 Click Save amp Restart to confirm The settings are saved The port access control is active Access to the ports is restricted 7 5 Howto Use Certificates Correctly The TPR has its own certificate management This section explains how certificates are used and when the use of certificates is recommended Certificates can be used in TCP IP based networks to encrypt data and to authenticate communication partners Certificates are electronic mess
95. rinted 119 Appendix Troubleshooting 9 3 Troubleshooting This chapter describes some problems and their solutions Problem e The TPR indicates the BIOS mode E1120 e Aconnection to the TPR Control Center cannot be established gt B121 e The password is no longer available gt 8122 The TPR indicates the BIOS mode Possible Cause The TPR switches to the BIOS mode if the firmware functions well but the software is faulty This may happen in the case of an incorrect software update for example The TPR indicates the BIOS mode when the activity LED is blinking green The TPR is not operational in the BIOS mode If the TPR is in the BIOS mode the filter BIOS mode will be created automatically in the device list of the InterCon NetTool The TPR is displayed within this filter S4 InterCon NetTool File Filter Actions Installation Search Extras Help Ab 6 IF BAP IP Address Type Version Protocol NetWare Name 169 254 126 032 TPR 10 1180813 16 ICOD1FOB Le Fiter l Ready Fig 7 InterCon NetTool TPR in the BIOS Mode TPR User Manual 120 TPR User Manual Appendix Troubleshooting The software must be reloaded to the TPR so that the TPR can switch from the BIOS mode to the normal mode Proceed as follows 1 2 3 n Start the InterCon NetTool Highlight the TPR in the device list You will find the TPR under the filter BIOS mode
96. s 0 9 0 off 0 86400 180 max 5 characters 0 9 0 off Defines the TCP port used by the TPR for communicating with the ThinPrint server Enables disables the bandwidth functionality of the ThinPrint port TPR side Defines the bandwidth in bit second used to decrease the bandwidth of the ThinPrint port TPR side Defines the period of time in seconds after which a connection attempt to a printer is aborted A connection attempt should be aborted if a printer is physically not available This frees the ThinPrint port for subsequent print jobs Defines the period of time in seconds after which a current print job is aborted if it cannot be printed due to a printer error g no paper 111 TPR User Manual Appendix Parameter List Table 28 Parameter List ThinPrint Connection Service Parameters Value Default conService Connection Service conServer Server name tpgClientID Client ID tpgAuthKey Authentication key conPort Port tpgKeepalive Keep alive tpgRetry Connection retry on off max 255 characters a z A Z 0 9 0 99999 max 5 characters 0 9 0 99999 max 5 characters 0 9 1 65535 max 5 characters 0 9 1 60000 max 5 characters 0 9 1 60000 max 5 characters 0 9 off blank 4001 60 120 Description Enables disables the ThinPrint Connection Service Define
97. s a certificate based authentication method via a RADIUS server For this purpose certificates are exchanged between the TPR and the RADIUS server An encrypted TLS connection between the TPR and the RADIUS server is established in this process Both RADIUS server and TPR need a valid digital certificate signed by a CA The RADIUS server and the print server must validate 77 Procedure Benefits and Purpose TPR User Manual Security the certificate After the mutual authentication was successful the access to the network will be freed Since each device needs a certificate a PKI Public Key Infrastructure must be available User passwords are not necessary a If you want to use the EAP TLS authentication you must observe the instructions below in the indicated order If this procedure is not adhered to the TPR in the network may not be addressable In this case you have to reset the TPR parameters see gt B87 e Create a certificate request on the TPR see Creating a Certificate Request for CA Certificates gt 171 e Create a CA certificate using the certificate request and the authentication server e Install the CA certificate on the TPR see Saving the CA Certificate on the TPR 872 e Install the root certificate of the authentication server on the TPR see Saving the Root Certificate on the TPR gt 173 e Enable the authentication method EAP ILS on the TPR Proceed as follows
98. s on the TPR Please note that you need a ThinPrint license for each client ID Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE ThinPrint 3 Tick Connection Service 4 Enter the relevant parameters see Table 13 gt E 57 5 Click Save amp Restart to confirm amp The settings are saved Table 13 Connection Service Parameters Parameters Description Connection Service Enables disables the ThinPrint Connection Service Server name IP address or host name of the server on which the Connection Service is installed The host name can only be used if a DNS server was configured beforehand Port Defines the TCP port used by the TPR for communicating with the Connection Service The port number 4007 is preset 57 ThinPrint Settings TPR User Manual Parameters Description Client ID Client ID as stored in the database of the Connection Service The Connection Service needs the Client ID to send print jobs to the TPR Authentication key Authentication key as stored in the database of the Connection Service Keep alive Interval in seconds after which the connection to the Connection Service is refreshed The value has to be equal to or lower than the KeepAliveTO value set on the Connection Service server allowed entry 1 60000 default 60 Connection retry Defines the time interval in seconds after which a connection retry is executed if the Connection S
99. s the Connection Service server via the IP address or the host name A host name can only be used ifa DNS server was configured beforehand Defines the client ID as stored in the database of the ThinPrint Connection Service Defines the authentication key as stored in the database of the Connection Service Defines the TCP port used by the TPR for communicating with the Connection Service Defines the time interval in seconds after which the connection to the Connection Service is refreshed Note The value has to be equal to or lower than the KeepAliveTO value set on the Connection Service server Defines the time interval in seconds after which a connection retry is executed if the Connection Service cannot be reached TPR User Manual Table 29 Parameter List ThinPrint printer Parameters prtName_1 Printer prtClass_1 Class prtDriver_1 Driver remoteMode_1 Printing protocol remotePort_1 Port remoteUrl_1 URL remotelPPs_1 SSL remoteQ_1 Queue IpdModeRFC_1 RFC monitorPing Monitoring via ping ELT max 32 characters a z A Z 0 9 _ max 7 characters a z A Z 0 9 max 64 characters a z A Z 0 9 _ raw RAW Socket connection ipp IPP connection Ipd LPD connection 1 65535 max 5 characters 0 9 max 64 characters on off max 64 characters a z A Z 0 9 on off on off Default blank
100. service page 97 Gateway Hardware Address Host Name TPR User Manual Appendix Glossary Using a gateway you can address IP addresses from external networks If you wish to use a gateway you can configure the relevant parameter via the TPR Control Center or the InterCon NetTool The TPR is addressable by means of its world wide unique hardware address This address is commonly referred to as the MAC or Ethernet address The manufacturer has defined this address in the hardware of the device The address consists of 12 hexadecimal numbers The first six numbers represent the manufacturer while the last six numbers identify the individual device Hardware Address A D 00 c0 eb 00 01 ff Ju J y y Manufacturer Device ID number The hardware address can be found on the housing the InterCon NetTool the status or service page The use of separators within the hardware address depends on the platform Note the following conventions when entering the hardware address Operating system Representation Example Windows Hyphen 00 c0 eb 00 01 ff UNIX Colon or 00 c0 eb 00 01 ff or period 00 c0 eb 00 01 ff The host name is an alias for an IP address The host name uniquely identifies the TPR in the network and makes it easier to remember 98 InterCon NetTool IP Address Subnet Mask TPR Control Center TPR User Manual Appendix Glossary The software InterCon NetIool has been d
101. st enable and configure DNS DNS is used for the configuration of the time server for example Proceed as follows 1 Start the TPR Control Center 2 Select NETWORK DNS 3 Configure the DNS parameters see Table 4 gt 4 Click Save amp Restart to confirm amp The settings are saved 31 30 SNMPv1 SNMPv3 TPR User Manual Network Settings Table 4 DNS Parameters Parameters Description DNS Enables disables the name resolution via a DNS server Primary DNS server Specifies the IP address of the primary DNS server e g 192 168 0 21 Secondary DNS server Defines the IP address of the secondary DNS server The secondary DNS server is used if the first one is not available Domain name suffix Defines the domain name of an existing DNS server e g company de 3 4 Howto Configure SNMP SNMP Simple Network Management Protocol has become the standard protocol for the administration and monitoring of network elements The protocol controls communication between the monitored devices and the monitoring station SNMP allows you to read and edit management information provided by the network elements e g the TPR or printer The TPR supports versions 1 and 3 of SNMP The SNMP community is a basic form of access protection A large number of SNMP managers are grouped together in the community The community is then assigned read write access rights The general community string is public
102. t Description Enables disables the Personal Printing functionality of the TPR Defines a Personal Printing server via the IP address or the host name A host name can only be used if a DNS server was configured beforehand Defines the TCP port used by the TPR for communicating with the Personal Printing server If the SSL connection is enabled the port number 443 must be used Enables disables the SSL TLS encryption and certificate based authentication for the Personal Printing protocol Enables disables the verification of the Personal Printing server certificate by means of the root certificate and or the Personal Printing certificate Defines the User PIN The specified User PIN and the User PIN in the user accounts of the Active Directory must be identical Defines the ID of the printer object to be used by the Personal Printing server Enables disables the release of one single print job per cardswipe If several print jobs are available they have to be released individually one after another 109 Parameters pps_delete Job deletion by server pps_extraDel Job deletion by TPR pps_wait2Del Delay pps_beep Beeper TPR User Manual Value on off on off 0 60 max 2 characters 0 9 0 immediate deletion on off Default on off on Appendix Parameter List Description Enables disables the immediate deletion of printed jobs by the Pers
103. tatus Status of the print connection The following statuses are possible e Initialized means that there is a connection to the ThinPrint server In a next step the connection to the printer will be established Try to connect means that the connection to the printer will be established Connection rejected means that the printer rejected the connection Pending means that the print job has been accepted by the TPR but that the data transfer has not yet started Processing means that the print job has been transferred from the TPR to the printer Processing stopped means that the data transfer to the printer was interrupted This can occur if for example the printer ran out of paper If the printer error is fixed data transfer will be resumed Completed means that the TPR has completely forwarded the print job to the printer Aborted means that the print job has been aborted This can occur if for example the TPR has been restarted while the print job was processed Protocol Protocol used to transfer the print data The presentation consists in a combination of the following values e ThP ThinPrint Stp status or service page e Sock RAW Socket printing IPP _ IPP printing LPD LPD printing Name Name of the print job Sender Name of the sending host lt domain user name gt lt domain gt appears with ThinPrint print jobs e TPR 10 appears when printing a status or service page Start Time at wh
104. ters file is saved on the USB flash drive the TPR will after the reset automatically use the parameter values saved on the USB flash drive see gt 885 By means of the status reset button of the device you can reset the parameters without entering the password O Resetting the Parameters via the TPR Control Center gt 87 O Resetting Parameters via the InterCon NetTool gt 288 mg O Resetting the parameters via the status reset button gt 888 Resetting the Parameters via the TPR Control Center Proceed as follows 1 Start the TPR Control Center 2 Select MAINTENANCE Default settings 87 TPR User Manual Maintenance 3 Click Default settings The parameters are reset Resetting Parameters via the InterCon NetTool Proceed as follows 1 Start the InterCon NetTool 2 Highlight the TPR in the device list 3 Select Actions Default Settings from the menu bar 4 Click Finish The parameters are reset Resetting the parameters via the status reset button LEDs various ports and the status reset button can be found on the TPR These components are described in the Quick Installation Guide Using the status reset button you can reset the parameter values of the TPR to their default settings The reset process can be divided into three phases e During phase one the TPR is forced into the reset mode During the reset mode the parameters are reset e The secon
105. the ThinPrint environment can be found in the ThinPrint documentation at http www thinprint com TPR User Manual 49 TPR User Manual ThinPrint Settings 6 1 Howto Define the ThinPrint Port In ThinPrint environments printing is done to a TCP IP port via a socket connection The port number of the TPR must be identical to the port number that was defined for the ThinPrint server Port 4000 is preset on the TPR You can change the port number if necessary Proceed as follows 1 Start the TPR Control Center 2 Select DEVICE ThinPrint 3 Enter the port number into the ThinPrint port box 4 Click Save amp Restart to confirm The setting will be saved 6 2 Howto Define the Bandwidth Bandwidth describes the capacity of a data connection The bandwidth of the TPR is indicated in bit second bit s The bandwidth that is needed for print jobs can be limited to a freely definable value for each ThinPrint port server side You can further decrease the bandwidth limit on the port of the TPR client side 4 l ooo Defining a bandwidth value on the TPR which is higher than the defined value server side will have no effect In this case the pre defined value will be applied Proceed as follows Start the TPR Control Center Select DEVICE ThinPrint Tick Bandwidth Enter the desired bandwidth Click Save amp Restart to confirm The setting will be saved AA WN gt 50
106. tity in a network If you use the authentication method EAP TLS you must install the root certificate of the authentication server RADIUS on the TPR see gt E173 If a root certificate has already been installed on the TPR it will be overwritten M The certificate must be in base 64 format Proceed as follows Start the TPR Control Center Select SECURITY Certificates Click Root certificate Click Browse Specify the root certificate 6 Click Install The root certificate is saved in the TPR aA AWN Saving the pkes 12 Certificate on the TPR Certificates with the pkcs 12 format are used to save private keys and their respective certificates and to protect them by means of a password Ifa Tee has already been installed on the TPR it will be overwritten 73 Requirements Requirements TPR User Manual Security M The certificate must be in base 64 format MI No certificate request may exist To delete the certificate request see gt E175 M No CA certificate may be installed To delete a CA certificate see D9875 3 Proceed as follows Start the TPR Control Center Select SECURITY Certificates Click pkes12 certificate Click Browse Specify the pkcs 12 certificate Enter the password 7 Click Install The pkes 12 certificate will be saved in the TPR AAAWN SE Saving the S MIME Certificate on the TPR S MIME certificates pem file are used to sig
107. to the TPR IP address IP address of the TPR Subnet mask Subnet mask of the TPR Gateway Gateway address of the TPR Requirements TPR User Manual Network Settings Configuring IPv4 Parameters via the InterCon NetTool WN AAW N gt bo A The InterCon NetTool is installed on the client see gt 20 The network scan via Multicast has been enabled in the InterCon NetTool The router in the network forwards multicast requests Proceed as follows Start the InterCon NetTool Highlight the TPR in the device list The TPR 10 is displayed in the device list under ZeroConf with an IP address from the address range 169 254 0 0 16 which is reserved for ZeroConf Select Installation IP Wizard from the menu bar The IP Wizard is started Follow the instructions of the IP Wizard The settings are saved File Filter Actions Installation Search Extras Help P O a T oR AP P Address Type Version Protocol NetWare Neme 6 032 169 25 TPR 10 14 0 16 IP no reply ICOD1FOB NetWare Wizard Printer Wizard 010 168 000 000 192 168 000 000 Trwa o Enter the IP address of the print server and the subnet mask f Multicast router as gateway is enabled the address of the multicast router found is used as gateway Disable this parameter if you want to edit the gateway manually Starts the IP Wizard Paes fe PO far Sinema
108. ual todo Security 7 6 Howto Use Authentication Methods By means of an authentication a network can be protected against unauthorized access The TPR can participate in various authentication procedures This section describes which procedures are supported and how these procedures are configured on the TPR The IEEE 802 1x standard provides a basic structure for various authentication and key management protocols IEEE 802 1x allows you to control the access to networks Before users gain access to a network via a network device they must authenticate themselves in the network After the authentication was successful the access to the network will be freed The standard IEEE 802 1x is based upon the EAP Extensible Authentication Protocol EAP is a universal protocol for many authentication procedures EAP allows for a standardized authentication procedure between the network device and an authentication server RADIUS First you must define the authentication procedure TLS PEAP TTLS etc to be used and configure it on all network devices involved RADIUS Remote Authentication Dial ln User Service is an authentication and account management system that validates user login information and grants access to the desired resources The TPR supports various EAP authentication methods in order to authenticate itself in a protected network O Configuring EAP MD5 gt 77 O Configuring EAP TLS B77 O Configuring EAP
109. with the same access rights are grouped together Enables disables SNMPv3 Defines the name of the SNMP user group 1 Defines the password of the SNMP user group 1 Specifies the hash algorithm of the SNMP user group 1 Defines the access rights of the SNMP user group 1 Defines the encryption method of the SNMP user group 1 Defines the name of the SNMP user group 2 Defines the password of the SNMP user group 2 TPR User Manual 103 Appendix Parameter List TPR User Manual Parameters admin_hash Hash admin_rights Access rights admin_cipher Encryption Value md5 sha None readonly readwrite None aes des Table 19 Parameter List POP3 Parameters pop3 POP3 pop3_srv Server name pop3_port Server port pop3_sec Security pop3_poll Check mail every pop3_limit Ignore mail exceeding pop3_usr User name pop3_pwd Password Value on off max 128 characters 1 65535 max 5 characters 0 9 0 no security 1 APOP 2 SSL TLS 1 10080 max 5 characters 0 9 0 4096 max 4 characters 0 9 0 unlimited max 128 characters max 128 characters Default md5 readwrite Default off blank 110 blank blank Description Specifies the hash algorithm of the SNMP user group 2 Defines the access rights of the SNMP user group 2 Defines the encryptio
Download Pdf Manuals
Related Search