Filter
Top Products
5
r). The System Administrator should ensure that the Embedded Fax Card and fax software is installed in accordance with the
“Complete the Fax Setup Screens” instructions on page 15-2 in the SAG. The System Administrator can then set Embedded
Fax parameters and options via the Local User Interface on the machine by following the instructions on pages 15-2
through 15-4 in the SAG.
s). To enable and configure IPSec, follow the instructions starting on page 8-12 in the SAG. Xerox strongly recommends that
IPSec should be used to secure printing jobs; HTTPS (SSL) should be used to secure scanning jobs. Note: IPSec is not
available for either the AppleTalk protocol or the Novell protocol with the ‘IPX’ filing transport.
Xerox also recommends that the default values for IPSec parameters listed in the IPSec section in the SAG
be used
whenever possible for secure IPSec setup. The following default values not listed in the SAG
should also be used for secure
IPSec setup:
• For defining policies the options listed for ‘Hosts’, ‘Protocols’ and ‘Action’ are all defaults; the System Administrator
should choose the particular option that pertains to whether the hosts and protocols in each case are to be allowed or
discarded and the corresponding desired action.
• The Host Group address type defaults to ‘Specific’.
• Protocol Group Custom Protocol defaults to being disabled. If Custom Protocol is enabled then the protocol defaults to
‘TCP’ and the Device Is type defaults to ‘Server’.
• The IPSec New Actions keying method defaults to ‘Internet Key Exchange (IKE)’.
• If ‘Manual Keying’ is selected the IPSec security option defaults to ‘ESP’, the Security Parameter Index: IN defaults
to ‘256’, the Security Parameter Index: OUT defaults to ‘257’, the hash method defaults to ‘SHA-1’, the encryption
method defaults to ‘3DES’ and the keys option defaults to ‘ASCII format (System will automatically convert to
hex value for you)’. Also, “AH” alone should not be selected as the IPSec Security option.
• If ‘Internet Key Exchange (IKE)’ is selected the IKE Phase 1 key lifetime defaults to ’86,400 seconds’, the DH Group
defaults to ‘DH Group 2 (1024-bit MODP)’, the Encrypt/Hash pair defaults to ‘SHA-1 and AES’, the IPSec mode
defaults to ‘Transport Mode’, the IPSec security option defaults to ‘ESP’, the IKE Phase 2 key lifetime defaults to
’28,800 seconds’, the IKE Phase 2 hash method defaults to ‘SHA1’ and the IKE Phase 2encryption method defaults
to ‘3DES’.
t). Xerox recommends that if SNMP is enabled SNMPv3 should be used. SNMPv3 can be set up by following these instructions:
SNMPv3 cannot be enabled until SSL (Secure Sockets Layer) and HTTPS (SSL) are enabled on the machine.
• At the Web UI, select the Properties tab.
• Select the following entries from the Properties 'Content menu’: Connectivity Protocols SNMP. This will display
the SNMP Configuration page.
• Select the “Enable SNMP v3 Protocol” checkbox inside the SNMP Properties group box.
• Select the [Edit SNMP v3 Properties] button inside the SNMP Properties group box. This will cause the Edit SNMP v3
Properties page to be displayed.
• On the Edit SNMP v3 Properties page:
• Select the Account Enabled button inside the Administrator Account
6
group box to create an administrator account.
• Enter the desired Username and Authentication Password. The Authentication Password must be at least 8
alphanumeric characters (the default value is ‘3tamAvUMEfeR84erar6z’).
• Enter the desired Privacy Password of at least 8 alphanumeric characters (the default value is
‘TRUDU27qumAspuswe4he’).
• Select the Account Enabled button inside the Print Drivers Account group box to create an account for bi-directional
print drivers / Xerox remote clients.
• Select the [Apply] button. This will create an administrator account and save the indicated settings/passwords. After
saving the changes the SNMP Configuration page will be redisplayed.
The System Administrator should be aware that in configuring SNMPv3 there is the option of resetting both the Privacy and
Authentication passwords back to their default values. This option should only be used if necessary since if the default
passwords are not known no one will be able to access the SNMP administrator account.
6
The SNMP administrator account is strictly for the purposes of accessing and modifying the MIB objects via SNMP; it is separate from the System
Administrator “admin” user account or user accounts given SA privileges by the System Administrator “admin” user. The administrator account can
not perform any System Administrator functions.