Dell S3845cdn User Manual

Dell™ S3845cdn

CAC

Star

™ Smart Card Reader

Installation and Configuration Guide

Document protection for CAC/PIV enabled

Multifunction Devices

Table of Contents

Introduction ......................................................................................... 4

Initial Setup .......................................................................................... 5

Configuring the CACStar Option via Touchscreen ............................... 6

Activating the CACStar Configuration Menu System .................. 6

Access Code ................................................................................. 6

The Top-Level Menu .................................................................... 8

LAN TCP/IP settings ..................................................................... 9

Ethernet Connection Settings ................................................... 11

Additional Functions in Menu Mode ......................................... 12

Configuring the CACStar Option via Administration Website ........... 13

Accessing the MFD/Printer Web Site ................................................ 14

Connectivity ....................................................................................... 14

LAN Side Configuration ................................................................14

Local Side Configuration ..............................................................17

Security .............................................................................................. 18

MFD Function Enabling ...............................................................18

Email Setup ..................................................................................20

Authentication Method ...............................................................22

User Logging ................................................................................29

Upload Certificate ........................................................................29

Device Certificate Management ..................................................30

Administrator .................................................................................... 32

Change Password ........................................................................32

Administrator Access ...................................................................32

Firmware Update .........................................................................34

Technical Support ........................................................................36

Setup Test ....................................................................................37

Date Time ....................................................................................38

Hold Print Files .............................................................................39

Hold File Name Matching Format ............................................. 40

Status ................................................................................................. 41

Card Reader .................................................................................41

Network .......................................................................................42

Other............................................................................................43

Appendix A – Setup Information Checklist ........................................ 44

Appendix B – CACStar Option Installation Procedure ....................... 46

Step 1: Determine IP Address of the printer. ..............................46

Step 2: Disable Sleep Mode .........................................................47

Install the Installation Cloning File ..............................................48

Hardware Installation of CACStar ................................................50

Introduction

CACStar™ provides a solution to HSPD-12 requirements for CAC/PIV based protection of network data to and from printers or Multifunction Devices (MFDs). You can configure it to require an authenticated CAC/ PIV card to control Copy, Print, Fax, Scan to Folder, Scan to Email, SNMP, or FTP.

Configurable authentication methods include Basic X.509 certificate on the card, PIN validation, expiration, OCSP, root certificate, LDAP, and Kerberos. CACStar will adopt the IP address of the MFD on which it is installed, so there is no host network configuration change necessary.

Configuration is easily done using secure web based access to CACStar by the network administrator. In its simplest form, the admin only needs to configure the IP address of the MFD and the IP address of the local time server. Information about many additional configuration options is described later in this guide.

Prior to starting the CACStar configuration, you must know your network infrastructure. Appendix A has a convenient list of questions and the necessary data that you will need to collect.

If you need help obtaining correct firmware or documentation, contact the Dell ProSupport Help Desk by calling 1-866-516-3115, or by sending email to Imaging_Solutions_Support_CAC@dell.com.

This manual will guide you through installing the hardware, installing the software to convert the Dell S3845cdn to be CACStar enabled, and configuration of the customer desired authentication control options. Prior to starting the installation, you may wish to use the checklist in Appendix A to help you collect the information you will need.

Initial Setup

If your 3845 came to you with the CACStar option not pre-installed, you should refer to Appendix B to find instructions regarding initial installation. Otherwise, proceed to CACStar Configuration below.

Configuring the CACStar Option via Touchscreen

A limited number of configuration settings can be accessed directly from the printer’s touchscreen:

• TCP/IP address

• Ethernet connection (speed / duplex)

Access to all settings for the CACStar option are available via the CACStar administration web site.

Activating the CACStar Configuration Menu System

To activate the CACStar Configuration Menu System, tap the “Manual Login” icon on the touchscreen. It looks like a small keyboard icon. In the picture below it is highlighted by a yellow box. If the touchscreen does not look like the picture below, then tap the [Log In] button at the top left corner of the touchscreen.

Access Code

If the CACStar “disable front panel configuration” setting has been enabled, then you will be asked to enter an access code before access to the menu system will be granted. This access code is fixed to a value of “3149”.

If an incorrect access code is entered, then access to the menu system will be denied.

The Top-Level Menu

CACStar LAN TCP/IP Settings

CACStar LAN Ethernet connection settings

Additional functions (described below)

Upon entry into the CACStar menu system, you are asked which configuration area you wish to use.

Menu codes that can be entered:

LAN TCP/IP settings

When setting TCP/IP settings, you will be walked through the following settings:

• DHCP

If you answer “No” to using DHCP, then the following settings are presented.

• IP Address

• Subnet Mask

• Gateway

No changes will be saved until all applicable settings have been set (i.e. If you choose “Yes” for DHCP, then the configuration is saved, and no other settings are presented. If “No” is selected for DHCP, then all settings must be entered before any are saved. Exiting the menu system by pressing the “X” or “Exit” button at any time will exit the menu system without saving any changes.

Ethernet Connection Settings

When changing Ethernet connection settings, you will be walked through the following settings:

• Auto Negotiation

If “No” is chosen for Auto Negotiation, then the following settings will be presented:

• Connection Speed

• Duplex

As with the TCP/IP settings, no changes are made until all applicable settings have been entered. Aborting the menu system by tapping the “X” or “Exit” button at any time will abort the menu system without saving any changes.

Additional Functions in Menu Mode

The Functions area of the menu system allows you to:

• Print a CACStar Configuration Summary page

• Reset the Administrator password for the CACStar web site

• Reset CACStar to a Factory Default configuration. When

requesting a reset to factory defaults, you will be asked if you are sure you want to do the reset before it is done.

Configuring the CACStar Option via Administration Website

CACStar Admin Login

Login to CACStar as the Administrator by pointing your browser to the CACStar using a secure connection on port 8443 at the IP address you assigned in the steps above.

For example: https://192.168.1.23:8443 or https://10.5.9.11:8443

You are likely to get an Invalid Certificate Warning from the browser. If so, override the warning and continue to the CACStar web site.

The browser will require an ID and password. The default ID is “admin”. The default password is “admin”.

After initial login, you can change the password to one of your choice by going to the Administrator tab.

Accessing the MFD/Printer Web Site

If you wish to access the MFD/printer web site, go to the same URL but do not use port 8443. For example: http://192.168.1.23

https://192.168.1.23. On the 3845, the default login credentials are

the same as CACStar (username “admin”, password “admin”.)

The following sections describe the different areas of the CACStar administration website.

Connectivity

CACStar has a “Local Side” and a “LAN Side”. The Local Side pertains to a local Ethernet connection from the MFD to the CACStar option. It is not accessible from the user’s network. The LAN Side pertains to the Ethernet connection to the host network.

LAN Side Configuration

Update

Step 1 – MFD IP Address

This is the IP address that is used for access to these administrator web pages. It is also used for host computer connection to the MFD/printer. This IP address was already set in the initial setup process using the card reader keypad.

If you wish to change this address, it can be done using this screen or from the card reader keypad.

Note: When you press the

button, the CACStar will switch to the new IP address which will cause your browser to be disconnected from the CACStar. To reconnect, redirect your browser to the new IP address you just entered.

Step 2 – NTP Server:

Set this to the Network Time Protocol Server IP address or Server Name. This will allow the CACStar to validate certificates by date.

If DHCP is in use, you may check the "NTP From DHCP" box to force retrieval of the NTP Server address from the DHCP server in which case the address field is not used and may be left blank.

Step 3 – Configure Gateway and DNS Server Note: A DNS Server is required for OCSP support. It is not necessary

to configure a DNS server if you are not using OCSP.

Set this to the DNS IP address to be used by the CACStar for Domain Name resolution.

Example: 10.5.1.2

If DHCP is in use, you may check the "DNS From DHCP" box to force retrieval of DNS addresses from the DHCP server - in which case the DNS address fields are not used and may be left blank.

Step 4 – Configure Default Domain

This field is used for DNS Server Name resolution. Set this to the Default Domain name for the LAN.

Step 5 – Press Update

+ 37 hidden pages