How it Works
Xerox
Loading...
P
Q
R
S
T
Loading...
Loading...
Secure Access Unified ID System
5.3 Installation Guide
44 pgs769.08 Kb0
Administration Guide
50 pgs2.19 Mb0
Administration Guide
100 pgs3.25 Mb0
Administration Guide [de]
52 pgs2.23 Mb0
Administration Guide [es]
54 pgs2.24 Mb0
Administration Guide [fr]
54 pgs2.24 Mb0
Administration Guide [it]
52 pgs2.23 Mb0
Embedded for Xerox ECSP Setup Guide
104 pgs1.98 Mb0
Embedded for Xerox EIP Setup Guide
98 pgs4.8 Mb0
Embedded for Xerox EPA-EIP Setup Guide
48 pgs1.01 Mb0
Installation Guide
36 pgs1.47 Mb0
Installation Guide [de]
36 pgs1.49 Mb0
Installation Guide [es]
36 pgs1.48 Mb0
Installation Guide [fr]
36 pgs1.49 Mb0
Installation Guide [it]
36 pgs1.47 Mb0
Quick Start Guide [en,fr,it,de,pt]
2 pgs353.07 Kb0
Setting the Secure Access Unified ID
13 pgs230.12 Kb0
Setting the Secure Access Unified ID [it]
13 pgs230.85 Kb0
Setting up the IP address [de]
13 pgs231.37 Kb0
Setting up the IP address [es]
13 pgs233.65 Kb0
Setting up the IP address [fr]
13 pgs243.46 Kb0
Table of contents
Loading...

Xerox Secure Access Unified ID System Setting the Secure Access Unified ID

Download
Setting the Xerox
®
Secure Access Unified ID System Authentication Device IP Address
White Paper
Copyright © 2007 by Xerox Corporation. All rights reserved. XEROX ® and Secure Access Unified ID System are trademarks of or licensed to Xerox Corporation in the United States and other countries.
Version 1.5: June 2009

Contents

1. Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
2. General Boot-up procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Xerox Secure Access mode Web Admin Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3. Static IP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
4. DHCP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
DHCP Negotiation fails . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
DHCP Negotiation successful. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Option 230 present . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Option 230 missing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
5. On use of the Reset Key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6. Authentication Device – DCE communication establishment description. . . . . . . . . . . . . . . . . . 12
7. Configuration Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
White Paper
3
Contents
4
Xerox Secure Access Unified ID System White Paper

Setting the Xerox Secure Access Unified ID System Authentication Device IP Address

This chapter includes:
1. Purpose on page 6
2. General Boot-up procedure on page 7
3. Static IP configuration on page 8
4. DHCP configuration on page 9
5. On use of the Reset Key on page 11
6. Authentication Device – DCE communication establishment description on page 12
7. Configuration Notes on page 13
White Paper
5
Setting the Xerox Secure Access Unified ID System Authentication Device IP Address

1. Purpose

This document is a summary of the bootp process for a terminal configure to run in mode 2 (Office Environment) Correct IP Address assignment is essential to ensure that the Authentication Devices can communicate with the target DCE server.
6
Xerox Secure Access Unified ID System White Paper
Setting the Xerox Secure Access Unified ID System Authentication Device IP Address

2. General Boot-up procedure

The following network information is required for a Xerox Secure Access Authentication Device to communicate with a DCE server:
1. IP Address of the Authentication device
2. IP Address of the DCE server
3. The subnet mask
4. The default Gateway
There are two ways to configure the IP Address of each Authentication Device:
1. Using Static IP values
2. Using DHCP
When configured to use the Static IP address option, any changes made to the settings are stored in the EEPROM however when configured in DHCP mode, the values are NOT stored in the EEPROM. This is important to understand because in DHCP mode under certain conditions the Authentication Device will use values read from the EEPROM.

Xerox Secure Access mode Web Admin Page

It is possible to set the values stored in the EEPROM for both Static and DHCP mode via the Authentication Device web page. In DHCP mode the IP Address, Network Mask and Gateway values will not be stored regardless of which mode is specified -the server address will always be stored.
Configure Xerox Secure Access Authentication Device
Addressing mode Static IP
IP Address 192.168.92.88
Network mask 255.255.255.000
Gateway 192.168.092.001
HID decoding
Configure server
Server IP Address 192.168.092.045
White Paper
7
Setting the Xerox Secure Access Unified ID System Authentication Device IP Address

3. Static IP configuration

This is the simplest method for configuring a device. The IP Addresses (see 2. General Boot-up
procedure on page 7) are manually entered via the manager mode of the Authentication Devices.
Once entered the values are stored in the EEPROM and will be used on subsequent boots of the device. For a description of how the boot procedure executes, see 6. Authentication Device – DCE
communication establishment description on page 12.
8
Xerox Secure Access Unified ID System White Paper
Setting the Xerox Secure Access Unified ID System Authentication Device IP Address

4. DHCP configuration

Although the Static IP configuration is relatively straightforward to configure, it requires manual configuration of each device; a lengthy task if there are a large number of devices to configure.
The Authentication Devices are able to use DHCP to automatically configure the IP Address, subnet mask and default gateway. Also if configured on the DHCP server, the DCE server address can also be used (see Option 230 below).

DHCP Negotiation fails

If the terminal fails to negotiate with the DHCP server then the IP settings of the Authentication Device are set to:
1. Terminal IP Address = 192.168.2.1 (hard-coded)
2. Terminal mask = 255.255.0.0 (hard-coded)
3. Gateway IP Address as stored in the EEPROM
4. Server IP Address as stored in the EEPROM
If you have multiple Authentication Devices and DHCP fails, all device IP Address are set to the same address (192.168.2.1).

DHCP Negotiation successful

On successful negotiation, the standard IP address values set (IP address, Mask and Gateway) will be used as returned by the DHCP server.
Note: Values returned by the DHCP server are NOT stored in the EEPROM.

Option 230 present

The Administrator can set option 230 on the DHCP server to allow for the configuration of the server field on the Authentication Device.
EQ;A;<DCE Server IP address>
Where the <DCE Server IP address> is the IP address of the server specified in standard 4 octet form, e.g. 192.168.1.23
If the parsing of the string is successful the server IP address will be set to the IP address as specified however if the parsing of the option fails for whatever reason the server IP address is set to 0.0.0.0. A server IP address of 0.0.0.0 will cause the Authentication Device to issue a broadcast bootp request. For details, see 6. Authentication Device – DCE communication establishment description on page 12.
If option 230 is present but is not a Secure Access value, (i.e. used by some other application), the server IP Address is set to 0.0.0.0 which causes a broadcast bootp to be issued.
White Paper
9
Setting the Xerox Secure Access Unified ID System Authentication Device IP Address
If there are multiple Authentication Devices and the DHCP server fails to negotiate option 230, the bootp process registers all devices with ALL DCEs alive in the segment. However, only the first DCE that connects to the terminal will work with that terminal.

Option 230 missing

If option 230 is missing then the value of the server address as stored in the EEPROM will be used.
10
Xerox Secure Access Unified ID System White Paper
Setting the Xerox Secure Access Unified ID System Authentication Device IP Address

5. On use of the Reset Key

If the Reset key is turned, the Authentication Device will:
1. Set the server IP address to 0.0.0.0 and store the value in the EEPROM.
2. Set the IP Method to use DHCP.
3. Set the password "pc_passwd".
4. Reset the EDI settings to the factory defaults.
White Paper
11
Setting the Xerox Secure Access Unified ID System Authentication Device IP Address
6. Authentication Device – DCE communication establishment description
The following describes how the Authentication Device boots.
1. If the Authentication Device has the IP Address of the server, it will send a directed bootp request to the server address; otherwise it will send a bootp broadcast (i.e, if the server IP address is
0.0.0.0, the Authentication Device will issue a broadcast bootp).
The following information is included in the bootp request.
IP Address of the Authentication Device
MAC Address of the Authentication Device
Terminal Type is set to Xerox Secure Access mode. DCE will ignore any bootp request that
does not have the appropriate signature embedded in the request. The signature is Xerox = 'XEFB'
2. Authentication Device waits for a Bootp response. The bootp response must be directed at the Authentication Device.
3. If the Authentication Device does not receive a bootp response in 10 seconds or less, it will sleep for a period of time (up to 3 times, then devices will go to offline mode) and then send the bootp request again (i.e. goes back to step 1.)
The sleep times between bootp requests increase based on the sequence of times indicated
below until the longest delay is reached (22 seconds) and the time is set back to the last value reached and then the time is reset to the shortest delay (.15s).
Sleep times = .15 s, .8s, 2s, 3.2s, 5.6s, 12s, 22s
4. If a bootp response is received by the Authentication Device, the device starts a socket server (TCP) and waits for a client (one client connection only) to connect.
5. If a connection is not made with 4 minutes the Authentication Device will reset and the procedure starts again from step 1.
6. Once a connection is successfully established the Authentication Device waits for a request from the server (DCE) and the boot procedure ends.
7. In offline mode, Xerox Secure Access devices will try to create connection with the server by sending bootp every 30 seconds.
12
Xerox Secure Access Unified ID System White Paper
Setting the Xerox Secure Access Unified ID System Authentication Device IP Address

7. Configuration Notes

1. If multiple DCE servers are used then option 230 should not be used when configured for DHCP. Instead, configure the server address via the Authentication Device web page.
2. Using DHCP if one DCE server exists then option 230 can be used to ensure that the server IP address specified is used and changing the address in all of the Authentication Device web pages is unnecessary.
3. Using DHCP is preferred in environments where the server address may change periodically however it is important to ensure that option 230 is used so the server address can be "pushed" to all of the Authentication Devices instead of configuring all of the devices manually.
White Paper
13
Loading...
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use