For a printable PDF copy of this guide, click here.
Note: Not all features mentioned in this Administrator's Guide are available with every product model.
You can use two software utilities to configure your product's advanced network settings: Web Config
and EpsonNet Config. This guide covers Web Config in detail; for information on using EpsonNet Config,
see the EpsonNet Config help utility.
The available network functions vary by product. (Unavailable functions are not displayed on the
product’s control panel or software settings screen.) Epson products support the following system
administration functions:
• SSL/TLS communication: use Secure Sockets Layer/Transport Layer Security to encrypt traffic and
avoid spoofing between the product and a computer
• IPsec/IP filtering: control access and secure communications between the product and a network
gateway
• Individual protocol control: enable and disable single services
• Remote configuration of scan and fax destinations: use an LDAP server to look up fax and email
contacts
• User feature restriction: allow or deny access to printing, scanning, faxing, and copying on a per user
basis
• Import and export printer settings: migrate settings from product to product
7
Using Web Config Network Configuration Software
Follow the instructions in these sections to configure your product's adminstrator network settings using
the Web Config software.
Note: Before you can configure system administration settings, connect the product to a network. See
the product's Start Here sheet and User's Guide for instructions.
About Web Config
Accessing Web Config
Restricting Features Available for Users
Using Your Product on a Secure Network
About Web Config
Web Config is a browser-based application you can use to configure a product's settings. Basic and
advanced setting pages are available.
Note: Before you can configure system administration settings, connect the product to a network. See
the product's Start Here sheet and User's Guide for instructions.
You can lock the settings you select by setting up an administrator password for your product. See the
product's User's Guide for instructions.
Parent topic: Using Web Config Network Configuration Software
Accessing Web Config
You can access Web Config from your browser using HTTP or HTTPS.
By default, you access Web Config for the first time using HTTP. If you continue to use HTTP, Web
Config does not display all available menus.
1.Print a network status sheet for your product and identify the product IP address. See the product's
User's Guide for instructions.
2.Start your web browser and make sure JavaScript is enabled.
3.Type the product IP address into the browser as follows, depending on the protocol you are using:
• IPv4: http://product IP address
8
• IPv6: http://[product IP address]/
The Basic Settings page appears:
4.To use HTTPS, configure the address to use HTTPS in your browser.
A message warning about the self-signed certificate appears.
To access Web Config after configuring the address to use HTTPS, enter https:// before the product IP
address, shown in step 3.
Note: If the product name is registered with the DNS server, you can use the product name instead of
the product IP address to access Web Config.
Parent topic: Using Web Config Network Configuration Software
Restricting Features Available for Users
Follow the instructions in these sections to restrict users from using certain product features and create
an administrator password to lock the restrictions using the Web Config software.
User Feature Restriction
Configuring User Feature Restrictions
Changing the Administrator Password in Web Config
Parent topic: Using Web Config Network Configuration Software
9
User Feature Restriction
You can restrict available product features for up to 10 individual users, with different features available
to each user. This requires users to log into the product control panel with their user name and password
before they can use control panel features.
With Windows, you can also restrict printing and scanning from the product software. This requires users
to log into the printing or scanning software, and allows the software to authenticate the users before
printing or scanning proceeds. For instructions on setting up software restrictions, see the help utility in
the printing or scanning software.
Parent topic: Restricting Features Available for Users
Configuring User Feature Restrictions
You can create up to 10 user accounts and restrict access to control panel features separately for each
one.
1.Access Web Config, select Access Control Settings, and select Basic.
You see a window like this:
2.Select the Enables Access Controls checkbox.
3.If you have configured the product for an LDAP server or IEEE 802.1x network, you can deselect the
Allows printing and scanning without authentication information checkbox to prevent the
product from receiving jobs sent from these sources:
• The default operating system driver
• A PCL or PostScript printer driver
10
• Web services such as Epson Connect or Google Cloud Print
• Smartphones and other mobile devices
4.Click OK.
5.Select Access Control Settings and select User Settings.
6.Click Add.
You see a window like this:
7.Enter a name for a user in the User Name field following the guidelines on the screen. Use ASCII
(0x20-0x7E) characters.
8.Enter a password for the user in the Password field following the guidelines on the screen.
Note: If you need to reset a password, leave the password field blank.
9.Select the checkbox for each function you want the user to be able to perform, and deselect the
checkbox for each function you want to restrict access to.
10. Click Apply.
Note: When you edit a completed user account, you see a Delete option. Click it to delete a user, if
necessary.
Note: You can import and export a list of user features using EpsonNet Config. See the help utility in the
software for instructions.
11
Parent topic: Restricting Features Available for Users
Changing the Administrator Password in Web Config
You can set an administrator password using your product's control panel or using Web Config or
EpsonNet Config. You use the same administrator password in all cases.
Note: See your product's User's Guide for instructions on setting an administrator password using the
control panel. If you forget your administrator password, contact Epson for support, as described in the
product's User's Guide.
1.Access Web Config, select Administrator Settings, and select Change Administrator Password.
You see a window like this:
2.Do one of the following:
• If you have set an administrator password before, enter the current password, then enter and
confirm the new password in the fields provided.
• If you have not set an administrator password before, enter a new password and confirm it in the
fields provided
3.Click OK
Parent topic: Restricting Features Available for Users
12
Using Your Product on a Secure Network
Follow the instructions in these sections to configure security features for your product on the network
using the Web Config software.
Configuring SSL/TLS Communication
Configuring IPsec/IP Filtering
Configuring SNMPv3 Protocol Settings
Connecting the Product to an IEEE 802.1X Network
Using a Digital Certificate
Using an LDAP Server
Using an Email Server
Configuring Protocols and Services in Web Config
Importing and Exporting Web Config Settings
Parent topic: Using Web Config Network Configuration Software
Configuring SSL/TLS Communication
Follow the instructions in these sections to configure SSL/TLS communication using Web Config.
Configuring SSL/TLS Settings
Configuring a Server Certificate for the Product
Parent topic: Using Your Product on a Secure Network
Configuring SSL/TLS Settings
If your product supports HTTPS, you can configure SSL/TLS to encrypt communications with your
product.
1.Access Web Config and select Network Security Settings.
2.Select SSL/TLS and select Basic.
13
You see a window like this:
3.Select one of the options for the Encryption Strength setting
4.Select Enable or Disable for the Redirect HTTP to HTTPS setting as necessary.
5.Click Next.
You see a confirmation message.
6.Click OK.
Parent topic: Configuring SSL/TLS Communication
Configuring a Server Certificate for the Product
You can configure a server certificate for your product.
1.Access Web Config and select Network Security Settings.
2.Select SSL/TLS and select Certificate.
14
You see a window like this:
3.Select one of the following options for the Server Certificate setting:
• Self-signed Certificate: select if you have not obtained a CA-signed certificate and want the
product to generate a self-signed certificate
• CA-signed Certificate: select if you have obtained a CA-signed certificate
4.Click Next.
You see a confirmation message.
5.Click OK.
Parent topic: Configuring SSL/TLS Communication
Configuring IPsec/IP Filtering
Follow the instructions in these sections to configure IPsec/IP traffic filtering using Web Config.
About IPsec/IP Filtering
Configuring Default IPsec/IP Filtering Policy
Configuring Group IPsec/IP Filtering Policies
IPsec/IP Filtering Policy Settings
IPsec/IP Filtering Configuration Examples
Configuring an IPsec/IP Filtering Certificate
Parent topic: Using Your Product on a Secure Network
15
About IPsec/IP Filtering
You can filter traffic to the product over the network based on IP address, service, and port by
configuring a default policy that applies to every user or group connecting to the product. For control of
individual users or user groups, you can configure group policies.
Note: IPsec is supported only by computers running Windows Vista or later, or Windows Server 2008 or
later.
Parent topic: Configuring IPsec/IP Filtering
Configuring Default IPsec/IP Filtering Policy
You can configure the default policy for IPsec/IP traffic filtering using Web Config.
1.Access Web Config and select Network Security Settings.
2.Select IPsec/IP Filtering and select Basic.
You see a window like this:
3.Select Enable to enable IPsec/IP filtering.
4.Select the filtering options you want to use for the default policy.
5.Click Next.
You see a confirmation message.
6.Click OK.
Parent topic: Configuring IPsec/IP Filtering
16
Configuring Group IPsec/IP Filtering Policies
You can configure group policies for IPsec/IP traffic filtering using Web Config.
1.Access Web Config and select Network Security Settings.
2.Select IPsec/IP Filtering and select Basic.
3.Click a tab number for the policy number you want to configure.
You see a window like this:
4.Select the Enable this Group Policy checkbox.
5.Select the filtering options you want to use for this group policy.
6.Click Next.
You see a confirmation message.
7.Click OK.
8.If you want to configure additional group policies, click the next tab number and repeat the
configuration steps as necessary.
Parent topic: Configuring IPsec/IP Filtering
17
IPsec/IP Filtering Policy Settings
Default Policy Settings
SettingOptions/Description
Access ControlPermit Access to permit IP packets to pass through
Authentication MethodSelect an authentication method, or select Certificate if
Pre-Shared KeyIf necessary, enter a pre-shared key between 1 and 127
EncapsulationIf you selected IPsec as the Access Control option,
Refuse Access to prevent IP packets from passing
through
IPsec to permit IPsec packes to pass through
you have imported a CA-signed certificate
characters long
select one of these encapsulation modes:
Transport Mode, if you are using the product on the
same LAN; IP packets of layer 4 or later are encrypted
Tunnel Mode, if you are using the product on an Internetcapable network, such as IPsec-VPN; the header and
data of IP packets are encrypted
Remote Gateway(Tunnel Mode)If you selected Tunnel Mode as the Encapsulation
option, enter a gateway address between 1 and 39
characters long
Security ProtocolIf you selected IPsec as the Access Control option,
select one of these security protocols:
ESP, to ensure the integrity of authentication and data,
and encrypt data
AH, to ensure the integrity of authentication and data; if
data encryption is prohibited, you can use IPsec
18
Group Policy Settings
SettingOptions/Description
Access ControlPermit Access to permit IP packets to pass
through
Refuse Access to prevent IP packets from
passing through
IPsec to permit IPsec packes to pass through
Local Address(Printer)Select an IPv4 or IPv6 address that matches your
network environment; if the IP address is assigned
automatically, select Use auto-obtained IPv4
address
Remote Address(Host)Enter the device's IP address (between 0 and 43
characters long) to control access, or leave blank
to control all addresses; if the IP address is
assigned automatically, such as by DHCP, the
connection may be unavailable, so configure a
static address instead
Method of Choosing PortSelect the method you want to used for specifiying
ports
Service NameIf you selected Service Name as the Method of
Choosing Port option, select a service name
option here; see the next table for more
information
Transport ProtocolIf you selected Port Number as the Method of
Choosing Port option, select one of these
encapsulation modes:
Any Protocol
TCP
UDP
ICMPv4
See the Group Policy Guidelines table for more
information
19
SettingOptions/Description
Local PortIf you selected Port Number as the Method of
Choosing Port option, and TCP or UDP for the
Transport Protocol option, enter the port
numbers that control receiving packets (up to 10
ports), separated by commas, for example
25,80,143,5220; leave this setting blank to control
all ports; see the next table for more information
Remote PortIf you selected Port Number as the Method of
Choosing Port option, and TCP or UDP for the
Transport Protocol option, enter the port
numbers that control sending packets (up to 10
ports), separated by commas, for example
25,80,143,5220; leave this setting blank to control
all ports; see the next table for more information
Authentication MethodIf you selected IPsec as the Access Control
option, select an authentication method here
Pre-Shared KeyIf you selected Pre-Shared Key as the
Authentication Method option, enter a pre-
shared key between 1 and 127 characters long
here and in the Confirm Pre-Shared Key field
EncapsulationIf you selected IPsec as the Access Control
option, select one of these encapsulation modes:
Transport Mode, if you are using the product on
the same LAN; IP packets of layer 4 or later are
encrypted
Tunnel Mode, if you are using the product on an
Internet-capable network, such as IPsec-VPN; the
header and data of IP packets are encrypted
Remote Gateway(Tunnel Mode)If you selected Tunnel Mode as the
Encapsulation option, enter a gateway address
between 1 and 39 characters long
20
Loading...
+ 45 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.