Dell C3765dnf Color Laser Printer User guide

CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page1



User Guide

CACStar™ for Dell C3765dnf

Network protection for CAC/PIV enabled Multifunction Devices or Printers

CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page2



TableofContents

Introduction..................................................................................................................................................3

InitialSetup...................................................................................................................................................4

AdminLogin..................................................................................................................................................5

Connectivity..................................................................................................................................................5

LANSideConfiguration.............................................................................................................................5

LocalSideConfiguration...........................................................................................................................7

Security.........................................................................................................................................................8

MFDFunctionEnabling.............................................................................................................................8

EmailSetup...............................................................................................................................................9

AuthenticationMethod..........................................................................................................................11

UserLogging............................................................................................................................................15

UploadCertificate...................................................................................................................................

15

Administrator..............................................................................................................................................17

ChangePassword....................................................................................................................................17

AdministratorAccess..............................................................................................................................17

FirmwareUpdate....................................................................................................................................19

TechnicalSupport...................................................................................................................................20

SetupTest...............................................................................................................................................21

DateTime................................................................................................................................................22

HoldPrintFiles........................................................................................................................................23

Status..........................................................................................................................................................25

CardReader.............................................................................................................................................25

Network..................................................................................................................................................26

About.......................................................................................................................................................27



 

CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page3



Introduction



CACStar™providesasolutiontoHSPD‐12requirementsforCAC/PIVbasedprotectionofnetworkdata

toandfromprintersorMultifunctionDevices(MFD’s).Youcanconfigureittorequireanauthenticated

CACcardtocontrolScantoFolder,ScantoEmail,SNMP,FTP,orprinting.Configurableauthentication

methodsincludeBasic

X.509certificateonthecard,PINvalidation,expiration,OCSP,rootcertificate,

LDAP,andKerberos.CACStarisavailableinmodelsthatcanbedeployedasasmalladd‐onboxforuse

withlegacyMFD’sthatneedCAC/PIVprotection.Itisalsoavailableasanintegratedsolutionkitthat

canbe

easilyinstalledoncertainmodelsoflegacyMFD’s.

CACStarwilladopttheIPaddressoftheMFDonwhichitisinstalled,sothereisnohostnetwork

configurationchangenecessary.InstallationiseasilydoneusingsecurewebbasedaccesstoCACStarby

thenetworkadministrator.Initssimplest

form,theadminonlyneedstoconfiguretheIPaddressofthe

MFDandtheIPaddressofthelocaltimeserver.Informationaboutmanyadditionalconfiguration

optionsisdescribedlaterinthisgui de.

PriortostartingtheconfigurationofCACStaritwouldbeusefultocollecttheinformationneeded.

Appendix

Ahasaconvenientlistofquestionsthatwillhelpincollectingtheinformation.

Ifyouneedhelpobtainingcorrectfirmwareordocumentation,contactDell’sProSupportHelpDeskby

calling1‐866‐516‐3115,orbysendingemailto[email protected].

 

CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page4



InitialSetup

1. UsingtheMFD/printeroperatorpanel,settheMFDIPaddressto172.19.10.2andtheSubnet

Maskto255.255.255.0andtheGatewayto172.19.10.1.

2. AfterInitializationiscomplete,theCardReaderdisplaywillsay

Waiting For Card.

3. Usingthecardreaderkeypad,entertheIPaddresstobeusedtoaccessboththeCACStarand

theMFD/printer.SeeFigure1below.

a. PresstheFkey;thedisplaywillsay

Information.

b. PresstheFkeyagain;thedisplaywillsay

Configuration.

c. PresstheEnterkey;thedisplaywillshow

LAN IP Address andthecurrentsetting.

d. PresstheEnter key;thedisplaywillshow

Enter New Value.

e. EnterthedesiredIPAddressandpressEnter.UsetheIPaddressyouwanttousefor

hostcomputerconnectiontotheMFD/printer.

i. Example:192.168.1.23Enter.

f. Thedisplaywillsay

Setting Valueforabout5seconds.

g. PresstheFkey;thedisplaywillsay

LAN Subnet Mask andthecurrentsetting.

h. PresstheEnter key;thedisplaywillshow

Enter New Value.

i. EnterthedesiredsubnetmasklikeyoudidtheIPAddress.

j. Ifyouwishtoenterthegateway,presstheFkeyagainandenteritasyoudidtheIP

Address.

k. PresstheExitkeytwicetoreturnto

Waiting for Card.

l. Toconfirmthisoperationwassuccessful,youcanpingtheCACStaratitsnewIPaddress

fromyourPC.

4. Fromtheadministrator’sPC,pointyourbrowsertotheCACStarusingasecureconnectionon

port8443attheIPaddressyouassignedtotheCACStar.

Example:https://192.168.1.23:8443

5. YouarelikelytogetanInvalidCertificateWarningfr omthebrowser.Ifso,overridethe

warningandcontinuetotheCACStarwebsite.

6. Proceedwithanyoftheconfigurationcommandsshownbelowasnecessaryforyour

installation.



 



Figure1–KeypadFunctionButtons

Exit

Backspace

Function

Enter

CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page5



AdminLogin

ConfigurationoftheCACStarwillbedonefromtheadministrator’sPCbyconnectingovertheLANusing

theIPAddressyouenteredonthecardreaderkeypad.Thismustbedoneinsecuremodeonport8443.

Forexample:https://192.168.1.23:8443

ThebrowserwillrequireanIDandpassword.ThedefaultIDis“admin”.Thedefaultpasswordis

“password”.



Afterinitiallogin,youcanchangethepasswordtooneofyourchoicebygoingtotheAdministratortab.



AccessingtheMFD/PrinterWebSite

IfyouwishtoaccesstheMFD/printer

website,gotothesameURLbutdonotuseport8443.For

example:http://192.168.1.23orhttps://192.168.1.23



Connectivity

LANSideConfiguration



CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page6



Step1–MFDIPAddress

ThisistheIPaddressthatisusedforaccesstotheseadministratorwebpages.Itisalsousedforhost

computerconnectiontotheMFD/print er.ThisIPaddresswasalreadysetintheinitialsetupprocess

usingthecardreaderkeypad.

If

youwishtochangethisaddress,itcanbedoneusingthisscreenorfromthecardreaderkeypad.

Note:WhenyoupresstheUpdatebutton,theCACStarwillswitchtothenewIPaddresswhichwillcause

yourbrowsertobedisconnectedfromtheCACStar.Toreconnect,redirect

yourbrowsertothenewIP

addressyoujustentered.



Step2–NTPServer:

SettheIPaddressoftheNTPserverinuseonthissubnet.



Step3–ConfigureGatewayandDNSServer

CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page7



Note:ADNSServerisrequiredforOCSPsupport.ItisnotnecessarytoconfigureaDNSserverifyouare

notusingOCSP.



Step4–PressUpdate



LocalSideConfiguration



ThesesettingsdefinetheIPaddressesusedforLocalcommunicationbetweentheCACStarandthe

MFD/printer.Thedefaultsarelikelytobeacceptable.Usually thereisnoneedtoenteranyIP

addressesonthisconfigurationpage.

MakesurethesevalueswereenteredintotheMFDusingtheMFD/printer

operatorpanel.



CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page8



Security

MFDFunctionEnabling



ChecktheboxesforFunctionsthatrequireavalidatedCACCardforuse.

Ifaboxisun‐checkedtheFunctionwillalwaysbeallowed.

Forexample:

IfyouwanttheMFDScan-to-FolderFunctiontoonlybeavailablewhenavalidatedCACCardisinstalled,

checktheCAC Enable Scan-To-Folder box.

youwanttheMFDScan-to-FolderFunctiontobeavailableallthetimewhetheraCACcardisinserted

ornot,unchecktheCAC Enable Scan-To-Folderbox.

ClicktheUpdatebuttonafterallentriesaremade.

CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page9



HoldPrint

Ifenabled,PrintjobswillbeheldintheCACStaruntiltheuserisauthen ticatedattheprinterbyinserting

theirCACcard.Afterauthentication,theuser’sjobswillbeprinted.

CACPrintServer

SetthistotheIPaddressoftheSecurePrintserver.

ServerPrint

Only

Ifenabled,printjobswillonlybeallowedfromtheconfiguredCACPrintServer.Ifnot,jobswillbe

allowedfromanyIPaddress.Forthistooperate,“CACEnablePrinting”mustbeselectedinthe

“Security/MFDFunctionEnabling”menu.



EmailSetup



CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page10



IfyouhaveelectedtocontrolMFDgeneratedemailwithyourCACcards,youwillneedtoconfigurethe

itemshowninthescreenbelow.

SMTPAddressorServerName

SettheIPaddressorServerNameoftheSMTPserver.

SMTPPortNumber

SettheTCPportnumberfor

SMTPcommunications.

UserEmailAddressFrom

Selectthesourcelocationforthe“From”emailaddress.Emailedscanscanbefromeithertheuser’s

ownemailaddressonhisCACcard,orfromtheuser’semailaddressontheLDAPserver.

ForceEmailtoSelf

Choosewhetheryouwanttoforce

allemailedscanstotheuser’sownemailaddress.Ifnotchecked,he

cansendtoanyemailaddress.

Ifthisoptionisnotselected,theusercanselecttherecipientfromtheprinter’sinternaladdressbookor

hecanusetheprintertoentertheemailaddresshewantsto

use.

EncryptEmail

Whensendingemailsofscanneddocuments,choosetoneverencrypt,alwaysencrypt,orPrompton

eachmessageforwhetherornottoencrypt.

WhentheMFDisoperationalandhasbeenconfiguredheretopromptforwhetherornottoencrypt,

thedisplayontheCACreader

willshowEncrypt Email.Line2ofthedisplayshowsNoandcanbetoggled

between

YesandNobypressingtheFkey.Whenthedesiredchoiceisselected,pressthegreenEnter

keytosendtheemailmessage.YouneedtomakethischoiceorpresstheFkeywithin10seconds.If

therearenokeypressesfor10seconds,thesystemwillsendthemessage

unencrypted.

EmailEncryptionType

Choosetheencryptiontypefromeither3DESorAES‐256.

SignEmail

Whensendingemailsofscanneddocuments,choosetoneversign,alwayssign,orPromptoneach

messageforwhetherornottosign.

LDAPPrimaryCertificateAttribute

SpecifytheprimaryLDAPattributenamewhichshould

beusedtoretrieveacertificate foremail

encryption.

LDAPSecondaryCertificateAttribute

SpecifythesecondaryLD AP attributenamewhichshouldbeusediftheprimaryattributefails.



CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page11



AuthenticationMethod





CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page12



Basic

ThisincludesPINvalidation,cardexpirationcheck,andX.509cardcertificatevalidation.IfanNTP

serverisnotconfiguredontheLAN Side Configurationpage,theexpirationcheckisbypassed.TheBasic

levelofauthenticationisalwaysincludedandcannotberemovedfromtheconfiguration.Insome

installations,thisissufficientauthenticationandistheonlyoneactivated.



OCSP

CheckthisboxtoenableOCSP(OnlineCertificateStatusProtocol)verificationofCACCards.Ifenabled

theOCSPserverwillbeusedtovalidatethecurrentstatusoftheCACcardPKIcertificate.

NOTE:IfOCSPisenabled,youmusthavea

DNSserverconfigured.



RootCertificate

CheckthisboxtoenableRootCertificateverificationofCACCards.Ifenabled,thecertificatechain,

includingtheRootCACertificatewillbeusedtovalidatetheCACcardPKIcertificate.Thecardisalso

checkedtobecertaintheCACcertificatehasavalid

privatekey.

NOTE:IfRoot Certificateisenabled,allIssuerCertificatesandRootCACertificatechainsforcardsinuse

atthisinstallationmustbeloadedintotheCACStar.Ifnot,VerifyFailureswilloccur.



LDAP

CheckthistoenableuseoftheActiveDirectoryserverforadditionalauthentication

LDAP

ServerIP:IPaddressoftheLDAPserver.

LDAPServerPort: PortnumberoftheLDAPserver.Thedefaultis389.

LDAPQueryUserName: UserNamefortheLDAPserviceaccountlogin.

LDAPQueryPassword: PasswordfortheLDAPserviceaccountlogin.

LDAPSearchBase: Definesthelocationin

thedirectorywhereasearchwill

start.

Example:OU=Users,DC=Itek,DC=com

LDAPSearchString: TheSearchStringisusedbytheLDAPservertofindusers.

Therearecertainkeysthatwillbeexpandedtocreatethequery.

Keysare:

 %L–expandstobecometheuser’slastname

 %F–expandstobecometheuser’sfirstname

 %M–expandstobecometheuser’smiddlename

 %E–emailaddress

 %e–EDI‐PI

 LDAPUserIDoptions: Choicesarecn,upn,mail,orname.

DisableLDAPReferrals: Ifthisboxischecked,theReferralssent

byLDAPServerswill

NOTbefollowed.



CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page13



Kerberos 

IfLDAPisenabled,youmaychoosetouseKerberosauthenticationfortheLDAPserver.

 KDCServerIP: IPaddressoftheKerberosserver

 KDCServerPort: PortnumberoftheKerberosserver.Thedefaultis88.

 KDCRealm: KerberosRealm

 KDCPrincipal: UserName.Thiscan

beeithertheCNortheEDI‐PI,orSan

    Principal.

PKINITWin2K

Thesettingaffectsthe"PublicKeyCryptographyforInitialAuthentication"inKerberos.Check

thisboxifyouareusingaWindows2000KDCServerand/orneedtousetheolderKerberos

PKINITcommand/replyset.

DisableReverseDNS

Lookups:

CheckthisboxtodisableReverseDNSLookupsbyKerberos(andLDAP).Thisisonlynecessaryif

thereisaproblemusingReverseDNSLookups.Ifthisboxischecked,hostnamesmustbeused

for"KDCServer"and"LDAPServer"inputfields.

MFDLDAPKerberosProxy

Ifenabledand

Kerberosisenabled,LDAPsearchesfromtheMFDwillbemodifiedtouse

KerberosAuthentication.TheLDAPServerandPortsettingsmustbecorrect. 

MFDSMBKerberosProxy

IfenabledandKerberosisenabled,networkscan(SMB)operationsfromtheMFDwillbe

modifiedtouseKerberosauthentication.

DefaultSMB

ServerAddress

TheIPaddressorservernameforthedefaultSMBserver.ThisaddresswillbeusediftheSMB

serveraddresscannotbeobtainedfromtheprinter.

DefaultSMBServiceName

TheServiceNameforthedefaultSMBserver,e.g.myshare$.Thisnamewillbeusedasthe

principal

forKerberosauthenticationiftheServi ceNamecannotbeobtainedfromtheprinter.

DefaultSMBPassword

ThePasswordforthedefaultSMBserver.

Thisisonlyneededif"MFDSMBKerberosProxy"isNOTchecked‐ANDthe"SMBFolderName"

isconfigured.



SMBFolderName

IfaFolderNameis

configured,anyfoldernamethatisusedbytheprinterwillbereplacedwith

thisFolderName.Keywordscanbeusedinthisdefinitionsothefoldernameis"customized"

basedonthevalidateduser.



Thesekeywordsare:

%L‐expandstotheuser'slastname

%F‐expandstotheuser's

firstname

%M‐expandstotheuser 'smiddlename

CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page14



%E‐expandstotheuser'sEmail

%e‐expandstotheuser'sEDI‐PI

%I‐expandstotheuser'sPIC‐Identification

%u‐expandstoLDAPAttributevalue



SMBFolderLDAPAttribute

IfaFolderNameisconfiguredusing%u,theLDAPAttributedefinedherewillbeused

toretrievethepath

valueforthe%ufield.Careshouldbetakenwhenusing

"\"charactersbeforeorafterthe%u‐basedonwhethertheLDAPAttribute

valueincludes"\"character(s)atthebeginningorend.



SSLCACertificateChecking

Ifenabled,thehostSSLcertificatewillbeverifiedagainsttheCAcertificate.

Therefore,theapplicable

CAcertificatemustbeloadedintotheCACStar.





CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page15



UserLogging



UserLoggingprovidesameanstocreate,viewordeleteauserlogfiletotrackuseractivity.Ifthisis

enabled,itwilllogthedate,username,andotherinformation.Thelogcanbedownloadedinacsvfile

formatforviewing.

UploadCertificate



UsethispagetoloadIssuerandRootCertificateAuthorityCertificatesintoCACStar.

CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page16



PKCS7,X509,PEMandDERformatsaresupported.

UsetheBrowsebuttontoselecttheCertificatefileonyourPC;thenclicktheUpload Certificatebutton.

Ifyourcertificatesareina.txtfileformat,pleasesendthemtous,andwewillconvertthemtoa

supportedformat.Ifdesired,

wecanpreloadthemintonewunits.

TheCreate Certificates SummarywillcreateatextfilelistingallcertificatesstoredintheCACStar.Thisisa

textfilethatcanbeviewedordownloadedbyselectingtheView Certificates Summarybutton.





CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page17



Administrator

ChangePassword



Usethisfeaturetochangethepasswordfortheadministrator.

WhentheChangePasswordbuttonis

clicked,thenextinternalwebpageaccesswillrequirethisnewpassword.





AdministratorAccess



Thesesettingsallowtheadmintoprovi deadditionalsecuritybylimitingCACStaradminaccessto

specifiedIPaddresses.IftheAllow all IPsboxischecked,anadmincanaccesstheCACStarconfiguration

itemsfromaPCatanyIPaddressifheknowstheIDandpassword.Ifitis

notchecked,theadminmust

accesstheCACStarconfigurationpagesfromtheIPaddressesspecifiedforAdministrator#1or#2.

TheseaddressesmustbeonthesamesubnetastheCACStar.

CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page18



AllowTelnet

IfthisisenabledCACStarwillallowaTelnetsessiontooccur.TheTelnetsessio nwillhappenoverPort

23.TelnetusewithCACStarisintendedfordiagnosticsbythede velopers.

AllowNon‐SecurePort8080

Ifthisisenabled,CACStarwillusePort8080andHTTPfor

HTML.Otherwise,Port8443andHTTPSwill

beusedforHTML.ChangingthissettingrequiresarebootofCACStar.

DisableFrontPanelConfiguration

Ifthisischecked,CACStarwilldisabletheFrontPanelkeyboardfromchangingtheIPaddress,subnet

mask,andgateway.Viewingofthesesettingsonthefrontpanel

LCDwillstillbeallowed.



CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page19



FirmwareUpdate



Firmwareisstoredinflashmemoryandcanbeupdatedasnecessaryforadditionofnewfeatures.The

CACStar.cfgfilemayalsobeuploaded.ItisatextfilethatcontainstheCACStarconfigurationitems.



CreateandExportCurrentConfiguration



CreateConfigFilewillcreateaconfigura tionfilecontainingallcurrentsettingsexceptLANIPAddress,

LANMask,andLANGateway.Thus,theConfigfilecanbeusedtoconfigureotherCACStars.The

passwordsareencryptedsotheymaynotbeedited.Thefirstlineofthefilemustnotbe

edited.The

MACaddressandSerialNumberaredisplayedforinformationpur posesonlyandwillnotbeusedasa

configurationitem.

ExportConfigFilewillallowthisfiletobesavedoutsideCACStar.Thisfileshouldbesavedasatextfile.

Itmaybeeditedwithatext

editor.ItmayalsobeuploadedtoCACStaratalaterdate.

CreateandExportCurrentCertificates

CreateCertificatesFilewillcreateafilecalledCACStarCerts.tar.gzwhichwillcontainallcurrentlyloaded

certificates.ExportCertificatesFilewillallowthisfiletobesavedoutsideCACStar.Thisfilemaybe

loadedto

anyCACStar.



CACStar™UserGuideRevA03Copyright2014DigitalImagingTechnology Page20



TechnicalSupport

Forhelpobtainingthecorrectfirmwareordocumentation,contactDell’sProSupportHelpDeskby

calling1‐866‐516‐3115,orbysendingemailto[email protected]



ThispageisusedtoobtainLogFilesandCaptureFilestohelpdiagnosenetworkandconfiguration

concerns.Useofthesefeaturesisnormallyinconjunctionwithtechnicalsupportfromyourvendor.

CreateSysLogFile

AlogfilecanbecreatedforusebyCACStar

Engineeringtohelpres o lveproblemsthatmayoccur.

EthernetCapture

AnEthernetCapturefilecanbecreatedcontaininginformationfromeithertheLocalportortheLAN

portforusebyCACStar

Engineeringincustomersupportactivities.

PingMFD

CACStarpingstheMFDoveritsinternallocallinktoverifycommunicationbetweenCACStarandthe

MFD.

Page is loading ...

Dell C3765dnf Color Laser Printer User guide

Related papers

Other documents