802.1X Authentication

(Full-featured print servers only) Use this item to configure 802.1X authentication settings on the HP Jetdirect print server as required for client authentication on your network. You can also reset the 802.1X authentication settings to factory default values.

	CAUTION:	If you change the 802.1X authentication settings, you can lose your connection. If communication with the printer/MFP device is lost, you might need to reset the print server to a factory default state and then reinstall the device.

For most 802.1X networks, the infrastructure components (such as LAN switches) must use 802.1X protocols to control a port’s access to the network. If these ports do not allow partial or guest access, you might need to configure the print server with your 802.1X parameters prior to connection.

To configure initial 802.1X settings before connecting to your network, use an isolated LAN, or a direct computer connection using a cross-over cable.

The supported 802.1X authentication protocols and associated configuration depend on the print server model and firmware version. Available configuration settings are listed in 802.1X configuration settings.

802.1X configuration settings

Item	Description
Enable Protocols	Enable (check) the supported protocols used for 802.1X authentication on your network. ● LEAP A Cisco Systems proprietary protocol that uses passwords for mutual authentication (that is, the client and the server authenticate each other). ● PEAP Uses digital certificates for network server authentication and passwords for client authentication. PEAP requires an EAP User Name, EAP Password, and CA Certificate. Dynamic encryption keys are also used. ● EAP-TLS Uses a mutual authentication protocol based on digital certificates for authentication of both the client and the network authentication server. EAP-TLS requires an EAP User Name, HP Jetdirect certificate and CA certificate. Dynamic encryption keys are also used.
User Name	EAP/802.1X user name (up to 128 characters maximum) for this device. The default is the default host name of the print server, NPIxxxxxx, where xxxxxx are the last six digits of the LAN hardware (MAC) address.
Password, Confirm Password	EAP/802.1X password (up to 128 characters maximum) for this device. Enter the password again in the Confirm Password field to verify.
Server ID	Server ID validation string to identify and validate the authentication server. The string is specified on the digital certificate issued by a trusted certificate authority (CA) for the authentication server. Can contain a partial string (right-most characters) unless the Require Exact Match check box is selected.
Encryption Strength	Minimum encryption strength used during communication with the authentication server. Select Low, Medium, or High encryption strength. For each encryption strength, ciphers are specified to identify the weakest cipher allowed.
Jetdirect Ceritificate	A self-signed HP Jetdirect certificate is pre-installed. To install a replacement, click Configure.
CA Certificate	To validate the authentication server’s identity, the authentication server’s certificate or a CA (or “Root”) certificate must be installed on the print server. This CA certificate must be issued by the certificate authority who signed the authentication server’s certificate. To configure or install a CA certificate, click Configure.
Authentication Behavior: Reauthenticate on Apply	Control authentication when you click Apply on this page, assuming valid configuration entries were made. NOTE: Does not apply to security or other configuration wizards. Changes to parameters through a wizard always causes the print server to re-authenticate. If disabled (default), the print server does not attempt re-authentication unless configuration changes cause the print server to disconnect and reconnect to the network. If enabled, the print server always attempts to re-authenticate using the configuration values.
Restore Defaults	Restore 802.1X configuration settings to factory default values.