More Information ............................................................................................................................................................. 16
2 Initial Setup 17
Physically Connecting the Printer .............................................................................................................................. 18
Assigning a Network Address ...................................................................................................................................... 19
Connecting the Printer to a Wireless Network ..................................................................................................... 20
Accessing Administration and Configuration Settings ..................................................................................... 21
Accessing the Control Panel as a System Administrator ......................................................................... 21
Accessing Xerox
Initial Setup at the Control Panel .............................................................................................................................. 22
Using Installation Wizards ................................................................................................................................... 22
Setting the Measurement Units ......................................................................................................................... 22
Installing Optional Software Features ............................................................................................................ 23
Initial Setup in Xerox
Printing the Configuration Report ..................................................................................................................... 24
Restricting Access to the Printer ......................................................................................................................... 24
Using the Configuration Overview Page......................................................................................................... 25
Assigning a Name and Location to the Printer ............................................................................................ 25
Selecting Services to Appear on the Touch Screen .................................................................................... 25
Installing Optional Software Features ............................................................................................................ 26
Supplies Plan Activation Code ............................................................................................................................. 26
Changing the System Administrator Password ................................................................................................... 28
Changing the System Administrator Password at the Control Panel ................................................. 28
Setting the Date and Time ........................................................................................................................................... 29
Setting the Date and Time in Xerox
Setting the Date and Time at the Control Panel ........................................................................................ 30
®
CentreWare® Internet Services as a System Administrator .............................. 21
®
CentreWare® Internet Services ................................................................................... 24
®
CentreWare® Internet Services .............................................. 29
27
3 Network Connectivity 31
Connecting to a Wireless Network ............................................................................................................................ 32
Connecting Directly to a Wireless Network ................................................................................................... 34
Wi-Fi Direct .......................................................................................................................................................................... 35
Configuring Wi-Fi Direct ........................................................................................................................................ 35
USB Settings ....................................................................................................................................................................... 38
Configuring USB Settings ...................................................................................................................................... 38
Before You Begin ...................................................................................................................................................... 39
Enabling HTTP at the Control Panel ................................................................................................................. 41
Configuring HTTP Settings in Xerox
®
CentreWare® Internet Services .............................................. 41
Accessing HTTP Web Services ............................................................................................................................. 41
HTTP Web Services .................................................................................................................................................. 42
IP .............................................................................................................................................................................................. 43
Adding LDAP Server Information ...................................................................................................................... 49
®
Adding or Editing LDAP Servers in Xerox
CentreWare® Internet Services ..................................... 50
Configuring a Secure LDAP Connection .......................................................................................................... 50
Configuring LDAP Server Optional Information .......................................................................................... 50
LDAP Server Contexts ............................................................................................................................................. 51
Configuring LDAP User Mappings ..................................................................................................................... 52
Configuring NetWare General Settings .......................................................................................................... 55
Enabling SAP ............................................................................................................................................................... 55
Proxy Server ......................................................................................................................................................................... 59
Configuring the Proxy Server ............................................................................................................................... 59
Raw TCP/IP Printing ......................................................................................................................................................... 60
Configuring Raw TCP/IP Settings ...................................................................................................................... 60
Configuring Raw TCP/IP Advanced Settings ................................................................................................ 61
49
4 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Configuring Kerberos Authentication Options for SMB ........................................................................... 63
SMTP Server ........................................................................................................................................................................ 64
Configuring SMTP Server Settings .................................................................................................................... 64
Setting Access Rights ...................................................................................................................................................... 72
User Permissions ....................................................................................................................................................... 85
Using SSL for all HTTP Communication .......................................................................................................... 93
FIPS 140-2 ........................................................................................................................................................................... 94
Enabling FIPS 140 Mode and Checking for Compliance ......................................................................... 95
Stored Data Encryption .................................................................................................................................................. 96
Enabling Encryption of Stored Data ................................................................................................................. 96
IP Filtering ............................................................................................................................................................................ 97
Creating or Editing an IP Filter Rule ................................................................................................................. 97
Editing an IP Filter Rule .......................................................................................................................................... 98
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 5
Contents
Arranging the Execution Order of IP Filter Rules ........................................................................................ 98
Saving an Audit Log............................................................................................................................................... 100
Saving an Audit Log to a USB Flash Drive ................................................................................................... 100
Interpreting the Audit Log .................................................................................................................................. 101
McAfee Embedded Control ........................................................................................................................................ 103
Setting the Security Level .................................................................................................................................... 104
Setting the Alert Options ..................................................................................................................................... 105
Managing Protocol Groups ................................................................................................................................. 107
Creating a New Action ......................................................................................................................................... 107
Editing or Deleting an Action ............................................................................................................................ 109
Managing Host Groups ........................................................................................................................................ 110
CentreWare® Internet Services .............................. 118
System Timeout .............................................................................................................................................................. 120
Setting System Timeout Values ....................................................................................................................... 120
Overwriting Image Data .............................................................................................................................................. 121
Enabling or Creating PostScript Passwords ................................................................................................. 125
USB Port Security ............................................................................................................................................................ 126
Enabling or Disabling USB Ports ....................................................................................................................... 126
Displaying or Hiding Network Settings .................................................................................................................. 127
Hiding User Names on the Control Panel ............................................................................................................. 128
Verifying the Software ................................................................................................................................................. 129
Specifying Email and Internet Fax Recipient Restrictions ............................................................................ 131
6 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Contents
Disabling the System Administrator Password Reset ...................................................................................... 132
5 Printing 133
Paper Management ....................................................................................................................................................... 134
Setting Default Paper Type and Color ........................................................................................................... 134
Enabling Required Paper Policies ..................................................................................................................... 134
Setting Paper Size Preference ........................................................................................................................... 134
Selecting Paper Tray Settings ........................................................................................................................... 135
Saving and Reprinting Jobs ........................................................................................................................................ 136
Enabling the Reprint Saved Jobs Feature ..................................................................................................... 136
Create and Manage Saved Jobs Folders ...................................................................................................... 136
Saving and Printing Jobs ..................................................................................................................................... 137
Backing up Saved Jobs ......................................................................................................................................... 137
Restoring Saved Jobs from an FTP Repository ........................................................................................... 138
®
Printing Jobs from Xerox
Configuring General Print Settings ......................................................................................................................... 140
Printing an Error Sheet ................................................................................................................................................. 141
Hold All Jobs ......................................................................................................................................................................
Configuring the Hold all Jobs Feature ........................................................................................................... 145
UNIX, Linux, and AS/400 Printing ........................................................................................................................... 146
Printing from a Linux Workstation .................................................................................................................. 147
Adding the Printer .................................................................................................................................................. 147
Printing with CUPS ................................................................................................................................................. 147
Print from USB ................................................................................................................................................................. 149
Enabling Print from USB ...................................................................................................................................... 149
Print from Mailbox ......................................................................................................................................................... 150
Enabling Print From Mailbox ............................................................................................................................. 150
Allowing Users to Interrupt Active Print Jobs ..................................................................................................... 153
Specifying Feature Defaults for Copy Settings at the Control Panel ............................................... 157
Setting the Color Presets Screen ...................................................................................................................... 157
Setting the Reading Order Options ................................................................................................................. 159
Scanning to a Folder on the Printer ........................................................................................................................ 164
Enabling or Disabling Scan to Mailbox .......................................................................................................... 164
Managing Folders and Scanned Files ............................................................................................................ 165
Scanning to an Email Address ................................................................................................................................... 168
Configuring the Default Template .................................................................................................................. 178
Configuring Workflow Scanning General Settings ................................................................................... 179
Configuring Single-Touch Service .................................................................................................................... 180
Setting Template Display Settings for the Control Panel .....................................................................
Enabling Remote Scanning using TWAIN ................................................................................................... 181
Configuring a Validation Server ....................................................................................................................... 181
Configuring Template Pool Repository Settings ....................................................................................... 182
Scan to USB ....................................................................................................................................................................... 183
Enabling Scan to USB ........................................................................................................................................... 183
Scanning to a User Home Folder ............................................................................................................................. 184
Configuring the Printer for the Xerox Scan Utility ............................................................................................ 186
Configuring Scan To Destination ............................................................................................................................. 187
Before You Begin .................................................................................................................................................... 187
Internet Fax ...................................................................................................................................................................... 206
Accessing the Internet Fax Setup Page ........................................................................................................ 206
LAN Fax ............................................................................................................................................................................... 210
9 Accounting 211
Xerox Standard Accounting ....................................................................................................................................... 212
Enabling Xerox Standard Accounting ............................................................................................................ 212
Setting Service Tracking Options ..................................................................................................................... 213
General and Group Accounts ............................................................................................................................. 213
Adding a User and Setting Usage Limits ...................................................................................................... 214
Managing User Information .............................................................................................................................. 215
Assigning Users to an Account ......................................................................................................................... 217
Configuring Job Limits Server Settings .......................................................................................................... 221
Configuring User Prompts ................................................................................................................................... 221
Disabling the Job Limits Web Service ............................................................................................................ 222
Configuring Validation Policies and Print Job Exceptions .....................................................................
Accounting Using an Auxiliary Access Device .................................................................................................... 224
Enabling Accounting Using an Auxiliary Access Device ......................................................................... 224
Displaying Your Company Logo on the Blocking Screen ....................................................................... 224
Setting the Auxiliary Access Device Type ..................................................................................................... 224
Selecting Services to Restrict or Track ........................................................................................................... 225
Setting the Job Timeout ...................................................................................................................................... 225
Enabling Accounting in Print Drivers ...................................................................................................................... 226
Enabling Accounting in a Windows Print Driver ........................................................................................ 226
Enabling Accounting in an Apple Macintosh Print Driver...................................................................... 226
Printing a Copy Activity Report ................................................................................................................................. 227
222
10 Administrator Tools 229
Monitoring Alerts and Status ..................................................................................................................................... 230
Energy Saving Settings ................................................................................................................................................. 232
Setting Energy Saver Mode ................................................................................................................................ 232
Remote Control Panel ................................................................................................................................................... 234
Smart eSolutions and Billing Information ........................................................................................................... 236
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 9
Device Address Book ............................................................................................................................................. 241
Network Address Book .......................................................................................................................................... 246
LAN Fax Address Book .......................................................................................................................................... 246
Font Management Utility ........................................................................................................................................... 247
Downloading a Network Log ............................................................................................................................. 248
Downloading a Network Log to a USB Flash Drive .................................................................................. 248
Customizing Printer Contact Information ........................................................................................................... 249
Display Device Information ....................................................................................................................................... 250
Xerox Online Support .................................................................................................................................................... 251
Enabling Xerox Online Support ......................................................................................................................... 251
®
Restarting the Printer in Xerox
CentreWare® Internet Services ............................................................... 252
Restarting the Printer at the Control Panel ......................................................................................................... 253
Taking the Printer Offline ............................................................................................................................................ 254
Erase Customer Data .................................................................................................................................................... 255
Resetting the User Interface to Factory Default Settings ............................................................................ 256
Updating the Printer Software .................................................................................................................................. 257
Driver Download Link .................................................................................................................................................... 264
Customizing or Hiding the Driver Download Link ..................................................................................... 264
Displaying or Hiding ConnectKey Apps ................................................................................................................. 265
Creating a Custom Single-Touch Scan Service ................................................................................................... 266
Creating a Custom Single-Touch Scan Service Overview ...................................................................... 266
Creating a Single-Touch Scan Service ............................................................................................................ 266
Customizing the Appearance of Your Service ............................................................................................ 267
Installing a Weblet ................................................................................................................................................. 270
10 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
WorkCentre® 6655/6655i Color Multifunction Printer 11
• More Information ................................................................................................................................................................ 16
WorkCentre® 6655/6655i Color Multifunction Printer 13
Introduction
Overview
This guide is designed for a system administrator with network administrator rights who understands
networking concepts and has experience creating and managing network user accounts.
Use this guide to help you install, configure, and manage your printer on a network.
Notes:
• Network features are not available when you are connected over USB.
• Embedded fax features are not available for all printer models.
14 Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer
System Administrator Guide
Introduction
Configuration Steps
When you configure the printer for the first time, complete the following tasks.
1. Ensure that your printer is connected physically to your network, and to the fax line, as needed.
2. Confirm that your printer is recognized on your network. By default, the printer is configured to
receive an IP address from a DHCP server over a TCP/IP network. If you have another type of
network, or want to assign a static IP address, see IP on page 43.
3. Complete the installation wizards. These wizards help you configure basic printer settings such as
your location, time zone, and date and time preferences.
4. Print a configuration report listing the current printer configuration. Review the report and locate
the printer IPv4 address. For details, see Configuration Report on page 24.
®
5. Open a Web browser and type the IP address of your printer to access Xerox
®
Services. Xerox
CentreWare® Internet Services is the administration and configuration software
installed on the embedded Web server in the printer. For details, see Accessing Xerox
Internet Services on page 21.
Note: You can access most configuration settings on the Properties tab in Xerox
Internet Services.
CentreWare® Internet
®
CentreWare®
®
CentreWare®
6. Print the Configuration Checklist. The Configuration Checklist provides space for you to write down
important information as you go through the configuration process. Use it to record information
about your network settings, including passwords, network paths, and server addresses. To access
the checklist, In Xerox
®
CentreWare® Internet Services, click Properties > Configuration Overview,
then click View Checklist.
7. Create a host name for the printer. For details, see DNS on page 44.
8. Configure Authentication. For details, see Setting Up Access Rightson page 72.
9. Configure Security. For details, see Security on page 71.
®
10. Enable services in Xerox
CentreWare® Internet Services. For details, see Selecting Services to
Appear on the Touch Screenon page 25.
11. Configure Print, Scan, and Fax features. For details, see Printingon page 133, Scanning on page
163, and Faxing on page 189.
12. Configure Accounting. For details, see Accountingon page 211.
Note: Not all options listed are supported on all printers. Some options apply only to a specific
printer model, configuration, operating system, or driver type.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 15
Introduction
More Information
Resource Location
Installation Guide
Other documentation for your printer
Packaged with the printer.
• www.xerox.com/office/WC6655docs
• www.xerox.com/office/WC6655i_docs
Recommended Media List United States: www.xerox.com/rmlna
European Union: www.xerox.com/rmleu
Technical support information for your printer;
including online technical support, Online Support
Assistant, and driver downloads.
Information about menus or error messages
Information pages
• www.xerox.com/office/WC6655support
• www.xerox.com/office/WC6655i_support
Press the control panel Help (?) button.
To print from the control panel, press Machine Status >
Machine Information > Information Pages.
To print from Xerox
®
CentreWare® Internet Services, click
Status > Information Pages.
Xerox® CentreWare® Internet Services
In Xerox® CentreWare® Internet Services, click Help.
documentation
Order supplies for your printer
• www.xerox.com/office/WC6655supplies
• www.xerox.com/office/WC6655i_supplies
A resource for tools and information, including
www.xerox.com/office/businessresourcecenter
interactive tutorials, printing templates, helpful
tips, and customized features to meet your
individual needs.
Local sales and support center www.xerox.com/office/worldcontacts
Third party and open source software To locate third party and open source software disclosure
notices and terms and conditions, go to the product page at:
• www.xerox.com/office/WC6655support
• www.xerox.com/office/WC6655i_support
16 Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer
System Administrator Guide
• Setting the Date and Time .............................................................................................................................................. 29
2
Initial Setup
This chapter includes:
• Physically Connecting the Printer ................................................................................................................................. 18
• Assigning a Network Address .......................................................................................................................................... 19
• Connecting the Printer to a Wireless Network ......................................................................................................... 20
• Accessing Administration and Configuration Settings ........................................................................................ 21
• Initial Setup at the Control Panel ................................................................................................................................. 22
®
• Initial Setup in Xerox
• Changing the System Administrator Password ....................................................................................................... 28
CentreWare® Internet Services ....................................................................................... 24
®
Xerox
System Administrator Guide
WorkCentre® 6655/6655i Color Multifunction Printer 17
Initial Setup
Physically Connecting the Printer
1. Connect the power cord to the printer, and plug it into an electrical outlet.
2. Connect one end of a Category 5 or better Ethernet cable to the Ethernet port on the back of the
printer. Connect the other end of the cable to a correctly configured network port.
3. If your printer has fax installed, connect it to a correctly configured telephone line.
4. Turn on the printer.
18 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Initial Setup
Assigning a Network Address
The printer automatically acquires a network address from a DHCP server by default. To assign a static
IP address, configure DNS server settings, or configure other TCP/IP settings, see IP on page 43. If the
printer does not detect a DHCP server, the printer uses an IPv4 self-assigned address. Address
information is listed on the configuration report. For details, see Configuration Report on page 24.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 19
Initial Setup
Connecting the Printer to a Wireless Network
If the printer is connected to your wired network, you can configure wireless settings in Xerox®
CentreWare
®
Internet Services. You can also connect directly to a wireless network. For details, see
Connecting to a Wireless Network on page 32.
Note: You cannot connect to a wired network and a wireless network at the same time.
20 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Initial Setup
Accessing Administration and Configuration
Settings
You can access the administration and configuration settings from the Tools tab on the control panel or
from the Properties tab in Xerox
screen and buttons you press to control the functions available on the printer. Xerox
®
CentreWare® Internet Services. The control panel consists of a touch
®
CentreWare®
Internet Services is the administration and configuration software installed on the embedded Web
server in the printer. It allows you to configure and administer the printer from a Web browser.
®
The administrator password is required when accessing locked settings in Xerox
Services or at the control panel. Most printer models have a default configuration that restricts access to
some settings. Access is restricted for settings on the Properties tab in Xerox
Services, and settings on the Tools tab on the control panel touch screen.
CentreWare® Internet
®
CentreWare® Internet
Accessing the Control Panel as a System Administrator
1. At the printer control panel, press the Log In/Out button.
2. Type admin and touch Next.
3. Type the administrator password, then touch Done.
Note: The default password is 1111.
Accessing Xerox® CentreWare® Internet Services as a System Administrator
Before you begin:
•Locate your printer IP address using the Configuration Report. For details, see Printing the
Configuration Report on page 24.
•Ensure that TCP/IP and HTTP are enabled. If you disabled either of these protocols, enable them at
the control panel before accessing Xerox
®
CentreWare® Internet Services.
®
To log in to Xerox
CentreWare® Internet Services as the administrator:
1. At your computer, open a Web browser, in the address field, type the IP address of the printer, then
press Enter or Return.
2. In the top right area of the page, click Login.
3. Under User ID, type admin.
4. Under password, type the administrator password. The default password is 1111.
5. Click Login.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 21
Initial Setup
Initial Setup at the Control Panel
Installation Wizard
The Installation wizard starts the first time you turn on the printer. The wizard prompts you with a series
of questions to help you configure basic printer settings.
Note: You can complete the wizard at any time.
•To assign a static IP address or change the default dynamic addressing settings, use the IP Address
Settings wizard.
• To add phone numbers for support or supplies contacts, use the Contact Numbers wizard.
• To configure basic embedded fax settings, use the Fax Setup wizard.
Using Installation Wizards
1. At the printer control panel, press the Machine Status button, then touch the Tools tab.
3. To start a wizard, touch IP Address Settings, Contact Numbers, or Fax Setup.
4. Follow the onscreen instructions.
Setting the Measurement Units
1. At the printer control panel, press the Machine Status button, then touch the Tools tab.
2. Touch Device Settings > General > Measurements.
3. To show dimensions in metric or imperial units, under Units, select an option.
4. To specify the decimal mark symbol that the printer uses, under Numeric Separator, select Comma
or Period.
5. Click OK.
22 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Initial Setup
Installing Optional Software Features
When you purchase an optional software feature, to enable it, provide a feature installation key. Some
features come with an activation code that you use to request a feature installation key. Go to the
®
Xerox
activation code. The website generates a feature installation key that you can use to enable the feature.
You can also install optional software features by sending a print file. You can install features on
multiple printers by sending a formatted .csv file as a print job to the printers. A Xerox representative
creates this file and provides installation instructions.
Installing a Software Feature at the Control Panel
1. At the printer control panel, press the Machine Status button, then touch the Tools tab.
2. Touch Device Settings > General > Feature Installation.
3. Touch Enter Feature Installation Key, then type the key.
4. Touch OK.
Software Activation Portal website at www.xeroxlicensing.xerox.com/activation to enter the
Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer 23
System Administrator Guide
Initial Setup
Initial Setup in Xerox® CentreWare® Internet
Services
Printing the Configuration Report
The Configuration Report lists all current settings of the printer. A configuration report prints at startup
by default.
1. In Xerox
2. To print the report, click Print Configuration Page.
To turn off automatic printing of a Configuration Report at startup, see Disabling the Configuration
Report at Startup on page 24.
Disabling the Configuration Report at Startup
®
CentreWare® Internet Services, click Status > Configuration Report.
1. In Xerox® CentreWare® Internet Services, click Properties > Services.
2. Click Printing > General.
3. For Configuration Report, clear Print at Power on.
4. To save the new settings, click Apply.
Restricting Access to the Printer
You can lock or unlock the printer by selecting preset services and tools permissions for non-logged-in
users. For details about roles and user permissions, see Setting Up Access Rights on page 72.
®
1. In Xerox
2. Click User Permissions.
3. Under Action, next to User Permission Roles, click Edit.
4. Under Actions, click Edit.
5. Click the Services and Tools tab.
6. Under Presets, select an option.
7. Click Apply.
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
24 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Initial Setup
Using the Configuration Overview Page
The Configuration Overview page contains links to the commonly-accessed pages on the Properties tab.
Use the Configuration Overview page to help you install your printer successfully.
1. In Xerox
®
CentreWare® Internet Services, click Properties > Configuration Overview.
2. Select an option:
− To open the Configuration Checklist page, click View Checklist.
− To open the configuration page for a service or feature, next to the desired service or feature,
click Settings.
−To create a clone file, under Cloning click View. Cloning allows you to save your current printer
settings to a file to use as a backup and restore file for your printer. You can also use a clone
file to copy your printer settings to other printers.
Assigning a Name and Location to the Printer
The Description page displays the printer model information and product code or serial number. It also
provides a place to assign a name and location to the printer. Asset tags let you enter unique identifiers
for inventory management.
®
1. In Xerox
2. For Device Name, type a name for the printer.
3. For Location, type the location of the printer.
4. For Customer Asset Tag and Xerox
5. Click Apply.
CentreWare® Internet Services, click Properties > Description.
®
Asset Tag, type unique identifiers as needed.
Selecting Services to Appear on the Touch Screen
Services must be enabled before they can be managed through the Tools and Feature Access page. A
standard service is a service that comes standard with the printer. An extensible service is an optional,
third-party service installed on the printer.
To specify the services to display on the touch screen:
®
1. In Xerox
2. Click Show/Hide.
3. To select all of the services in the list to appear on the touch screen, click Show All.
4. To hide all of the services in the list so that none appear on the touch screen, click Hide All.
5. To select individual services to appear on the touch screen, for Displayed, select the services that
you want to appear.
6. Click Apply.
CentreWare® Internet Services, click Properties > Services > Display.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 25
Initial Setup
To arrange the order that services appear on the touch screen:
®
1. In Xerox
CentreWare® Internet Services, click Properties > Services > Display.
2. Click Order.
3. To arrange the order that services appear on the control panel, click, drag, then drop the buttons in
the preferred order.
4. Click Apply.
Installing Optional Software Features
When you purchase an optional software feature, to enable it, provide a feature installation key. Some
features come with an activation code that you use to request a feature installation key. Go to the
®
Xerox
activation code. The website generates a feature installation key that you can use to enable the feature.
You can also install optional software features by sending a print file. You can install features on
multiple printers by sending a formatted .csv file as a print job to the printers. A Xerox representative
creates this file and provides installation instructions.
Software Activation Portal website at www.xeroxlicensing.xerox.com/activation to enter the
Installing a Software Feature in Xerox® CentreWare® Internet Services
1. In Xerox® CentreWare® Internet Services, click Properties > General Setup.
2. Click Feature Installation.
3. Under Feature Installation Key Entry, click Enter Installation Key, or under Action, next to the
feature you want to install, click Install.
4. Type the key.
5. Click Apply.
Supplies Plan Activation Code
Your Xerox® equipment supplier offers supplies and service plans such as PagePack® and eClick®.
PagePack
printer in one contract. If you have enrolled in a supplies program, you must activate the supplies plan at
regular intervals. To enable your printer for your purchased plan, contact your Xerox
to get a Supplies Activation Code. Contact a Xerox representative to get your supplies plan activation
code.
1. In Xerox
2. Click Supplies Plan Activation Code.
3. Type the code, then click Apply.
®
and eClick® are cost-per-page-based programs that include all service and supplies for your
®
equipment supplier
®
CentreWare® Internet Services, click Properties > General Setup.
For more information about Xerox
26 Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer
System Administrator Guide
®
supplies and service plans, contact your Xerox representative.
Initial Setup
Physical Connection Settings
You can specify Ethernet and USB settings, such as Ethernet Rated Speed, USB Connection Mode, and
Print Timeout for USB printing.
Setting Ethernet Options
The Ethernet interface on the printer automatically detects the speed of your network. Any auto-sensing
devices connected to the network, such as a hub, do not always detect the correct speed. Refer to the
configuration report to ensure that the printer detects the correct network speed.
®
1. In Xerox
2. Next to Wired Connection, click Edit.
3. To configure Ethernet settings, next to Ethernet, click Edit.
4. For Rated Speed, select a connection speed.
5. Click Save.
Note: For the new settings to take effect, restart your printer.
CentreWare® Internet Services, click Properties > Connectivity > Setup.
Configuring USB Settings
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Action, next to USB Settings, click Edit.
3. Under USB Connection Mode, select an option:
®
−Software Tools disables Direct Printing via Driver. If you use Xerox
option. Xerox representatives also use this feature to connect directly to the printer and use
diagnostic software and other utilities.
−Direct Printing via Driver allows you to connect to the printer using a USB cable.
4. For Print Timeout, type the amount of time in seconds that the printer waits inactive before
disconnecting from a device connected to the port. Type 0 to disable the timeout.
5. Click Save.
Copier Assistant, select this
Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer 27
System Administrator Guide
Initial Setup
Changing the System Administrator Password
Xerox recommends that you change the default system administrator password after you configure the
printer. Be sure to store the password in a secure location. The default password is 1111.
®
1. In Xerox
2. Click Password Policies > Admin Password.
3. Type the old password.
4. Type the new password, then type the password again to verify.
5. Click Apply.
Changing the System Administrator Password at the Control Panel
1. At the printer control panel, press the Machine Status button, then touch the Tools tab.
3. If changing the password, type the old password.
4. Type the new password, then type the password again to verify.
5. Touch OK.
CentreWare® Internet Services, click Properties > Security.
28 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Initial Setup
Setting the Date and Time
Setting the Date and Time in Xerox® CentreWare® Internet Services
1. In Xerox® CentreWare® Internet Services, click Properties > General Setup.
2. Click Date and Time.
3. Under Date and Time Setup, select:
− Automatic using NTP to allow the NTP service to set the time automatically.
− Manual (NTP Disabled) to set the date and time manually.
4. If you are using an NTP server, select the address type. Options are IPv4 Address or Host Name.
Type the appropriately formatted address, alternate address, and port numbers. The default port
number is 123.
Note: Changes to these settings cause the printer to restart.
5. Select the date and time format, and type the date and time in the appropriate fields. Select the
Display 24 hour clock check box to show the time in 24 hour format.
6. Under Time Zone, select your time zone from the drop-down menu.
7. Click Apply.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 29
Initial Setup
Setting the Date and Time at the Control Panel
1. At the printer control panel, press the Machine Status button, then touch the Tools tab.
2. Touch Device Settings > General > Date and Time.
Note: If this feature does not appear, log in as a system administrator. For details, see Logging In as
the System Administrator at the Control Panel on page 21.
3. To set the time zone, touch Time Zone, touch the Geographic Region drop-down list, then touch
your region. Use the Up or Down arrows to navigate and select your Time Zone.
Note: The date and time are set automatically through Network Time Protocol (NTP). To modify
these settings, go to the Properties tab in Xerox
®
CentreWare® Internet Services and change the
Date and Time Setup to Manual (NTP Disabled).
4. To set the date:
a. Touch Date.
b. Touch Year field, then to set a number, use the arrows.
c. Touch Month field, then to set a number, use the arrows.
d. Touch Day field, then to set a number, use the arrows.
e. Touch Format, touch the date format that you wish to use.
5. To set the time:
a. Touch Time.
b. To specify the 12-hour or 24-hour format, touch Display 24 hour Clock.
c. Touch the Hours field, then to set a number, use the arrows.
d. Touch the Minutes field, then to set a number, use the arrows.
e. If your printer is set to display the 12-hour clock, touch AM or PM.
6. Touch OK.
30 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
• Connecting to a Wireless Network................................................................................................................................ 32
• Wi-Fi Direct ............................................................................................................................................................................. 35
• USB Settings ........................................................................................................................................................................... 38
• IP ................................................................................................................................................................................................. 43
• Proxy Server ............................................................................................................................................................................ 59
• Raw TCP/IP Printing ............................................................................................................................................................ 60
• SMTP Server ........................................................................................................................................................................... 64
WorkCentre® 6655/6655i Color Multifunction Printer 31
Network Connectivity
Connecting to a Wireless Network
If the printer is connected to your wired network, you can configure wireless settings in Xerox®
CentreWare
®
Internet Services.
Note: You cannot connect to a wired network and a wireless network at the same time.
Before you begin, purchase and install the Xerox
®
1. In Xerox
2. Next to Xerox
CentreWare® Internet Services, click Properties > Connectivity > Setup.
®
Wireless Network Interface, click Edit.
Note: The Edit button is available after you install the Xerox
®
Wireless Network Interface.
®
Wireless Network Interface.
3. To configure IPv4, IPv6, and DNS settings, on the Wireless Profile page, next to IP, click Edit.
Configure settings as needed, then click Apply. The printer uses separate IP settings for wired and
wireless network connections. For details, see IP on page 43.
4. On the Wireless Profile page, next to Wireless Settings, click Edit.
5. On the Wireless Settings page, click Scan for Available Networks. A list of detected networks
appears.
6. Next to the SSID name of the network you want to join, click Configure and Select.
7. The printer detects the security mode that your network uses. Configure the following security mode
settings as needed:
− Under WEP Setting and Key, select the bit strength and key.
− Under Encryption Algorithm, select an encryption method. Auto automatically detects the
algorithm that your wireless network uses.
−Under Authentication Method, select the authentication method that your wireless network
uses.
−To require the printer to validate certificates, under Server Validation, select the certificate that
you want to use. Install the validation server root certificate on the Security Certificates page
at Properties > Security > Security Certificates. For details, see Security Certificates on page
111.
−Under Device Certificate (TLS) - Authentication Certificate, select the device certificate that
you want to use. Install the device certificate on the Security Certificates page at Properties >
Security > Security Certificates. For details, see Security Certificates on page 111.
− Under Outer Identity, configure the external User ID.
− Under User Name, type the user name that the printer uses to access the wireless network.
− Under Password, type and confirm a password. Click Select to save new password as needed.
8. Click Save.
9. Navigate back to the Setup page, then click Properties > Connectivity > Setup.
10. Next to Xerox
®
Wireless Network Interface, click Make Active.
32 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
To verify the wireless status and see the wireless IP address, print a Configuration Report. For details, see
Configuration Report on page 24. See the Connectivity Physical Connections, and Connectivity Protocols,
TCP/IPv4 sections of the report.
Note: When you switch from a wired connection to a wireless connection, the IP address of the
printer changes. The connection to Xerox
browser closes. To reconnect to Xerox
®
CentreWare® Internet Services through your Web
®
CentreWare® Internet Services, type the new IP address or
host name of your printer in the address field of your Web browser.
Configuring Wireless Settings Manually
If the printer does not detect your wireless network, configure wireless settings manually and provide
information about your wireless network.
1. In Xerox
2. Next to Xerox
3. To configure IPv4, IPv6, and DNS settings, on the Wireless Profile page, next to IP, click Edit. The
printer uses separate IP settings for wired and wireless network connections. For details, see IP on
page 43.
4. On the Wireless Profile page, next to Wireless Settings, click Edit.
5. On the Wireless Settings page, click Join Other Network.
6. Under Network Name, type the name of your network.
7. Under Security Mode, select the security method that your wireless network uses.
8. Configure the following security mode settings as needed:
− Under WEP Setting and Key, select the bit strength and key.
− Under Encryption Algorithm, select an encryption method. Auto automatically detects the
− Under Authentication Method, select the authentication method that your wireless network
− To require the printer to validate certificates, under Server Validation, select the certificate that
− Under Device Certificate (TLS) - Authentication Certificate, select the device certificate that
− Under Outer Identity, configure the external User ID.
− Under User Name, type the user name that the printer uses to access the wireless network.
− Under Password, type and confirm a password. Click Select to save new password as needed.
9. Click Save.
10. Navigate back to the Setup page, then click Properties > Connectivity > Setup.
11. Next to Xerox
®
CentreWare® Internet Services, click Properties > Connectivity > Setup.
®
Wireless Network Interface, click Edit.
algorithm that your wireless network uses.
uses.
you want to use. Install the validation server root certificate on the Security Certificates page
at Properties > Security > Security Certificates. For details, see Security Certificates on page
111.
you want to use. Install the device certificate on the Security Certificates page at Properties >
Security > Security Certificates. For details, see Security Certificates on page 111.
®
Wireless Network Interface, click Make Active.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 33
Network Connectivity
Connecting Directly to a Wireless Network
Before you begin, purchase and install the Xerox® Wireless Network Interface.
1. Ensure that the printer is not connected to a wired Ethernet network.
2. Restart the printer.
3. Refer to the Configuration Report to find the self-assigned IP address of the printer, in the
169.254.x.x range. For details, see Printing the Configuration Report on page 24.
4. Using an Ethernet cable, connect a computer to the printer.
Notes:
• Depending on your computer hardware, use a crossover cable or adapter as needed.
• Ensure that wireless connectivity is disabled on your computer.
5. Find the IP address of the computer.
6. Ensure that the computer obtains an automatic private IP address, in the 169.254.x.x range, and is
therefore on the same subnet as the printer.
®
7. On the computer, access Xerox
in the address field of a Web browser, then press Enter or Return.
8. Configure wireless settings in Xerox
a Wireless Network on page 32.
CentreWare® Internet Services. Type the IP address of the printer
®
CentreWare® Internet Services. For details, see Connecting to
Note: When you switch from a wired connection to a wireless connection, the IP address of the
printer changes. The connection to Xerox
browser closes. To reconnect to Xerox
®
CentreWare® Internet Services through your Web
®
CentreWare® Internet Services, type the new IP address or
host name of your printer in the address field of your Web browser.
34 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
Wi-Fi Direct
Wi-Fi Direct enables devices to connect with each other without requiring a wireless access point.
Wi-Fi Direct does not require manual configuration. The Wi-Fi Direct Protected Service (WPS) Name and
subnet address prefix generate automatically.
If the Device Name field is blank, the WPS Name field displays a default value. If the Device Name is
changed, the value for Wi-Fi Protected Setup (WPS) Name changes to the value of Device Name.
Configuring Wi-Fi Direct
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Network, next to Wi-Fi Direct, click Edit.
3. To modify the Wi-Fi Protected Setup (WPS) Name, for Device Name, select Edit.
4. For Subnet Address Prefix, type the subnet address prefix as needed.
5. Click Apply.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 35
Network Connectivity
AirPrint
AirPrint is a software feature that allows you to print from wired or wireless Apple iOS-based mobile
devices and Mac OS-based devices without the need to install a print driver. AirPrint-enabled printers
allow you to print or fax directly from a Mac, an iPhone, iPad, or iPod touch.
Notes:
• Not all applications support AirPrint.
• When AirPrint is enabled, HTTP, Internet Printing Protocol, and mDNS are enabled by default.
• Internet Printing Protocol enablement results in a Web Server reset.
• The device that submits the AirPrint job must be on the same subnet as the printer. To allow
devices to print from different subnets, configure your network to pass mDNS traffic across
subnets.
•AirPrint-enabled printers work with devices running the latest version of iOS. AirPrint-enabled
printers work with the iPad, iPhone (3GS or later), and iPod touch (third generation or later).
Configuring AirPrint
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Mobile Workflows, next to AirPrint, click Edit.
3. To configure HTTP, IPP, or Multicast DNS Registration as needed, for each protocol click Edit.
4. For AirPrint Enablement, click On.
5. To edit the name or location for your printer, for Device Name, Device Location, or Geographic
Location, click Edit.
6. Click Save.
Note: To use AirPrint with accounting, you can create IPP accounting exceptions.
36 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
Mopria
Mopria is a software feature that enables users to print from mobile devices without requiring a print
driver. You can use Mopria to print from your mobile device to Mopria-enabled printers.
Configuring Mopria
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Mobile Workflows, next to Mopria Discovery, click Edit.
3. To configure HTTP, IPP, or Multicast DNS Registration as needed, for each protocol click Edit.
4. For Mopria Discovery, click On.
5. To configure your Device Name, click Edit.
6. Click Save.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 37
Network Connectivity
USB Settings
USB Settings allow you to set the USB connection mode and the print timeout value.
Configuring USB Settings
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Hardware Ports, next to USB Settings, click Edit.
3. For USB Connection Mode, select an option:
®
−Software Tools: This option disables Direct Printing via Driver. If you use Xerox
Assistant, select this option. Xerox representatives also use this feature to connect directly to
the printer and use diagnostic software and other utilities.
−Direct Printing via Driver: This option allows you to connect to the printer using a USB cable.
4. For Print Timeout, type the amount of time in seconds that the printer waits inactive before it
disconnects from a device that is connected to the port. Type 0 to disable the timeout.
5. Click Save.
Copier
38 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
AppleTalk
AppleTalk is a proprietary suite of protocols developed for networking computers by Apple, Inc. An
AppleTalk zone is a group of nodes or networks organized by departments or physical locations.
Before You Begin
• Ensure that there is an existing operational AppleTalk network.
• Determine the AppleTalk Name you wish to assign to your printer.
• Determine the AppleTalk Zone, if used, to assign to your printer.
Configuring AppleTalk
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to AppleTalk, click Edit.
3. For Protocol, select Enabled.
4. Under Printer Name, type the printer name.
5. Under Zone Name, type a name.
6. Click Save.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 39
Network Connectivity
FTP/SFTP Filing
File Transport Protocol (FTP) is a standard network protocol used to pass and manipulate files over a
TCP/IP network. Several services running on your printer, including Network Scanning, Saved Jobs
Backup, and Software upgrade can use FTP as a filing service.
Secure FTP (SFTP) is a standard network protocol that is used with SSH to ensure that data is encrypted
and transferred securely.
Configuring FTP and SFTP Filing Settings
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to FTP/SFTP Filing, click Edit.
3. To configure FTP or SFTP filing settings for each service listed under Within Services, click the link.
4. Under Mode, select an option:
−Passive mode transfers data over a random port specified by the FTP server from a connection
made from the printer.
−Active mode transfers data over a fixed, known port from a connection made from the server.
5. Click Save.
40 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
HTTP
Hypertext Transfer Protocol (HTTP) is a request-response standard protocol between clients and servers.
Clients that make HTTP requests are called User Agents (UAs). Servers that respond to these requests for
resources, such as HTML pages, are called Origin Servers. There can be any number of intermediaries,
such as tunnels, proxies, or gateways between User Agents and Origin Servers.
Enabling HTTP at the Control Panel
1. At the printer control panel, press the Machine Status button, then touch the Tools tab.
2. Touch Network Settings > Advanced Settings.
3. Touch HTTP Settings.
4. Touch Enabled, then touch OK.
5. To apply the settings, touch Finish.
Configuring HTTP Settings in Xerox® CentreWare® Internet Services
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Protocol, next to HTTP, click Edit.
3. For Connection, select Enabled.
4. Type a connection port number as needed.
5. To encrypt HTTP communication, for Force Traffic over Secure Connection (HTTPS), select Yes.
When Force Traffic over Secure Connection (HTTPS) is enabled, all Web pages contain https:// in the
URL.
a. For the Choose Device Certificate menu, for HTTPS, select the Device Certificate.
b. To view the selected certificate details, or to save the certificate to your computer, click
View/Save.
®
c. If you select Xerox
Certificate in your Web browser. Installing the Generic Xerox
that your browser trusts the printer. To download the certificate, click Download the Generic
®
Xerox
Trusted CA Certificate.
d. Change the Secure HTTP Port Number as needed.
6. To configure the printer to wait before it terminates a connection, for Keep Alive Timeout, type a
time from 1–60 seconds.
Note: Increasing the Keep Alive Timeout can cause slow connections.
Default Device Certificate, you can install the Generic Xerox® Trusted CA
®
Trusted CA Certificate ensures
7. Click Save.
Accessing HTTP Web Services
To access the HTTP Web Services page, from the HTTP page, click Web Services.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 41
Network Connectivity
HTTP Web Services
You can enable or disable Web Services on the Web Services page. This page provides a list of all
available Web services on your printer, and displays the configuration status of each service.
• To disable a Web service, clear the check box next to the Web service name.
• To view Web service port numbers or to remove login restrictions, click Advanced Settings.
®
For more information about Xerox Extensible Interface Platform
documentation included in the Xerox Extensible Interface Platform
For information on how to download the SDK, go to www.office.xerox.com/eip/enus.html.
and Web services, see the
®
Software Development Kit (SDK).
Accessing HTTP Advanced Settings
To access the HTTP Web Services Advanced Settings page, from the HTTP page, click Web Services >
Advanced Settings.
HTTP Advanced Settings
The Advanced Web Services page displays all services currently enabled on the printer and their port
numbers.
To remove all login restrictions for web services on the printer, under Web Services IP Lockout, click Clear Lockout.
42 Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer
System Administrator Guide
Network Connectivity
IP
Internet Protocol (IP) is a protocol within the Internet Protocol Suite that manages the transmission of
messages from computer to computer.
Enabling TCP/IP
1. At the printer control panel, press the Machine Status button, then touch the Tools tab.
2. Touch Network Settings > TCP/IP Settings.
3. Touch TCP/IP Enablement.
4. For IPv4 or IPv6, touch Enabled, then touch OK.
5. To apply the settings, touch Finish.
®
Note: By default, IPv4 is enabled. If you disable IPv4, before you can access Xerox
Internet Services, enable IPv4 or IPv6 at the printer control panel. For details, see IP on page 43 and
HTTP on page 41.
CentreWare®
Configuring the Network Address Manually at the Control Panel
1. At the printer control panel, press the Machine Status button, then touch the Tools tab.
2. Touch Network Settings > TCP/IP Settings.
3. Touch Dynamic Addressing.
4. Touch Disabled, then touch OK.
5. Touch IPv4, then type the IPv4 Address, IP Gateway Address, and Network Mask Address. After
each address, touch OK.
6. When you are finished, touch OK.
7. To apply the settings, touch Finish.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 43
Network Connectivity
Configuring DNS Settings at the Control Panel
Domain Name System (DNS) is a system that maps host names to IP addresses.
1. At the printer control panel, press the Machine Status button, then touch the Tools tab.
2. Touch Network Settings > TCP/IP Settings.
3. Touch DNS Configuration.
a. Touch Host Name.
b. Type a host name.
c. Touch OK.
d. Touch Close.
Note: If DHCP is enabled, your DHCP server can provide the Domain Name and the Requested
Domain Name.
e. Touch Domain Name.
f. For Requested Domain Name, type the domain name.
g. Touch OK.
h. Touch Close.
4. Touch DNS Servers.
a. Touch Primary DNS Server, type the server address, then touch OK.
b. Touch Alternate DNS Server #1, type the server address, then touch OK.
c. Touch Alternate DNS Server #2, type the server address, then touch OK.
d. Touch Close.
5. Touch Close.
6. To apply the settings, touch Finish.
44 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
Configuring IP Settings in Xerox® CentreWare® Internet Services
If your printer has a valid network address, you can configure TCP/IP settings in Xerox® CentreWare®
Internet Services. For details, see Assigning a Network Address on page 19.
Configuring IPv4
You can use IPv4 or IPv6 in addition to or in place of the other.
1. In Xerox
2. For Network, next to a connection type, click Edit.
®
CentreWare® Internet Services, click Properties > Connectivity > Setup.
Note: The printer uses separate IPv4, IPv6, and DNS settings for wired and wireless network
connections. Before you configure wireless IP settings, install the Xerox
®
Wireless Network Interface,
then connect to a wireless network. For details, see Connecting to a Wireless Network on page 32.
3. For Configuration Settings, next to IP, click Edit.
4. To configure IPv4, click Show IPv4 Settings.
5. For Protocol, select Enabled.
6. For IP Address Resolution, select an option.
−BOOTP: This option permits the printer to obtain an IP address from a BOOTP server that does
not respond to DHCP requests.
−DHCP: This option permits the printer to obtain an IP address from a DHCP server. This option
permits the printer to obtain an IP address from a BOOTP server that is configured to accept
DHCP requests. The printer requests that the server register the IP address and hostname of
the printer with the DNS server.
−STATIC: This option disables dynamic addressing and allows you to type a static IP address.
Type a Machine IP Address, Subnet Mask, and Gateway Address.
7. For Broadcast, select Enabled as needed.
Note: If the printer does not obtain an IP address from a DHCP/BOOTP server, enable broadcast.
Enable broadcast when your DHCP/BOOTP server is on a different subnet than the printer and
communicates through a relay agent router.
8. For Zero-Configuration Networking, for Self Assigned Address, select Enable as needed. This option
instructs the printer to assign itself an address when a DHCP server does not provide one.
9. Click Apply.
Note: If you select Default All, the printer disables FIPS 140 mode.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 45
Network Connectivity
Configuring IPv6
IPv6 hosts can automatically configure themselves when connected to a routed IPv6 network using the
Internet Control Message Protocol Version 6 (ICMPv6). ICMPv6 performs error reporting for IP along
with other diagnostic functions. When first connected to a network, a host sends a link-local multicast
router solicitation request for configuration parameters. If suitably configured, routers respond to this
request with a router advertisement packet containing network-layer configuration parameters.
®
1. In Xerox
2. For Network, next to connection type, click Edit.
CentreWare® Internet Services, click Properties > Connectivity > Setup.
Note: The printer uses separate IPv4, IPv6, and DNS settings for wired and wireless network
®
connections. Before you configure wireless IP settings, install the Xerox
Wireless Network Interface,
then connect to a wireless network. For details, see Connecting to a Wireless Network on page 32.
3. For Configuration Settings, next to IP, click Edit.
4. To configure IPv6, click Show IPv6 Settings.
Note: If both IPv4 and IPv6 are disabled, you cannot access Xerox
®
To access IPv4 and IPv6 settings in Xerox
CentreWare® Internet Services, enable IPv4, IPv6, or
®
CentreWare® Internet Services.
both, at the printer control panel. If you disable IPv4 and IPv6 or change the IP addresses, any
dependent protocols are disabled.
5. For Protocol, select Enabled.
6. To allow the router to assign address prefixes, for Stateless Addresses, select Use Router Supplied Prefixes.
7. To select how DHCP operates for IPv6, for Default Dynamic Host Configuration Protocol (DHCP)
Settings, select an option.
8. To enter the address manually, for Manual Address Options, select Enable Manual Address.
9. From the menu, select a router prefix, or type a new router prefix, then click Add.
10. To save the new settings, click Apply.
46 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Configuring DNS
Domain Name System (DNS) is a system that maps host names to IP addresses.
1. In Xerox
2. For Network, next to a connection type, click Edit.
®
CentreWare® Internet Services, click Properties > Connectivity > Setup.
Network Connectivity
Note: The printer uses separate IPv4, IPv6, and DNS settings for wired and wireless network
connections. Before you configure wireless IP settings, install the Xerox
®
Wireless Network Interface,
then connect to a wireless network. For details, see Connecting to a Wireless Network on page 32.
3. For Configuration Settings, next to IP, click Edit.
4. To configure DNS, click Show DNS Settings.
5. For Requested Host Name, type a unique name for your printer. If the host name registers to the
DNS server successfully, the host name appears as a Verified Host Name. The default host name is
XRXxxx, where xxx is the MAC address of the printer.
Note: If no host name appears, the host name did not register to the DNS server successfully.
Configure your DHCP server to perform updates on behalf of the DHCP clients.
6. For Requested Domain Name, type the name of the domain to which the printer is connected. If the
domain name registers to the DNS server successfully, the domain name appears as a Verified
Domain Name.
Note: If no domain name appears, the domain name did not register successfully to the DNS server.
Configure your DHCP server to perform updates on behalf of the DHCP clients.
7. To allow users to see and connect to the printer using Bonjour, for Multicast DNS Registration, select
Enabled.
8. For Release this connection's DHCP leases and DNS registrations, select Enabled as needed. This
option allows the printer to send a release request to the DHCP and DNS servers. If the servers grant
the request, the servers release the current IP address and dynamic DNS names. The IP addresses
and DNS names renew immediately and when the printer is turned off.
9. For Additional DNS Server Addresses, type addresses as needed. If you have a DHCP server,
recognized addresses appear in the DNS Server Addresses list.
10. For DNS Connection Timeout, type the time in seconds that the printer waits to connect to a DNS
server. After the timeout period, the printer attempts to connect to any additional DNS servers.
11. To add the printer domain to the Domain Name Search List, for Append Device Domain, select
Enabled.
12. To add the parent domains of the printer to the Domain Name Search List, for Append Parent
Domains, select Enabled.
13. If you have a DHCP server, recognized search domain names appear in the Domain Name Search
List. The list of domain names allows the DNS server to recognize unqualified host names. If you
want the printer to search for other domain names, for Additional Search Domains, enter the
names.
14. To set the printer to use an IPv6 address before it uses an IPv4 address, select Prefer IPv6 Address over IPv4.
15. Click Apply.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 47
Network Connectivity
IPP
Internet Printing Protocol (IPP) is a standard network protocol that allows you to print and manage jobs
remotely. When IPP is configured, IPP authentication allows users to authenticate their identities using
IPP through HTTP authentication methods. An IPP client can pass user credentials to the printer to use
for authentication.
Configuring IPP
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
• Adding LDAP Server Information .................................................................................................................................. 49
®
• Adding or Editing LDAP Servers in Xerox
• Configuring a Secure LDAP Connection ..................................................................................................................... 50
• Configuring LDAP Server Optional Information ..................................................................................................... 50
• LDAP Server Contexts ......................................................................................................................................................... 51
• Configuring LDAP User Mappings ................................................................................................................................ 52
Lightweight Directory Access Protocol (LDAP) is a protocol used to process queries and updates to an
LDAP information directory, on an external server. LDAP can also be used for network authentication and
authorization. LDAP directories are heavily optimized for read performance. Use this page to define how
the printer retrieves user information from an LDAP directory.
CentreWare® Internet Services ................................................ 50
Adding LDAP Server Information
The LDAP Server page displays the current LDAP servers configured for your printer. You can configure a
maximum of nine LDAP servers for your printer.
®
1. In Xerox
2. Under Protocol, next to LDAP, click Edit.
3. Click Add New.
4. Under Server Information, select the preferred address type.
5. Under Friendly Name, type a name for the LDAP server.
6. Type the appropriately formatted address or host name of your server and change the default port
number as needed.
7. Type the appropriately formatted address or host name of your backup server and change the
default port number as needed.
8. Under LDAP Server, select an LDAP server type:
− Exchange for use with Microsoft Exchange.
− Domino for use with Lotus Domino.
− NDS for use with Novell NetWare Directory Service.
− ADS for use with Microsoft Active Directory Service.
− Netscape for use with Netscape or OpenLDAP.
9. Click Apply.
CentreWare® Internet Services, click Properties > Connectivity > Setup.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 49
Network Connectivity
Adding or Editing LDAP Servers in Xerox® CentreWare® Internet Services
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to LDAP, click Edit.
3. To configure an LDAP server, click Add New.
4. To edit an LDAP server configuration, in the Actions column of the server to edit, click Edit.
5. To copy an LDAP server configuration, select the server to copy, then click Copy From.
6. To delete all LDAP servers configured to your printer, click Delete All.
7. To enable SASL binds, click LDAP Policies.
Configuring a Secure LDAP Connection
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Protocol, next to LDAP, click Edit.
3. On the LDAP page, click Add New.
4. To enable a secure connection to the LDAP server, select Enable SSL.
5. To validate the SSL certificate used for HTTPS, select Validate Repository SSL Certificate.
6. To view a list of external root or intermediate trusted SSL certificates, click View Trusted SSL Certificates.
7. For Trusted SSL Certificates, select a certificate.
8. To view the selected certificate details, or to save the certificate to your computer, click View/Save.
Configuring LDAP Server Optional Information
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Protocol, next to LDAP, click Edit.
3. Click Add New.
4. For Optional Information, in the Search Directory Root field, type the root path of the search
directory in Base DN format.
Note: For details on Base DN, see the RFC 2849 - LDAP Data Interchange Format Technical
Specification on the Internet Engineering Task Force website.
5. Specify the login credentials required to access the LDAP directory.
− None: This option instructs the printer to access the LDAP directory.
− Logged-in User: This option instructs the printer to log in to the repository and provide the
credentials of the logged-in user.
−System: This option instructs the printer to use specific credentials when the printer accesses
the repository. If you select System, type the credentials in the Login Name and Password
fields. To update an existing password, select Select to save new password.
50 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
6. To use SSL, for Secure LDAP Connection, select Enable SSL (Secure Socket Layer).
a. To allow the printer to validate certificates, select Validate Repository SSL Certificate
(trusted, not expired, correct FQDN).
b. To select a security certificate, for Trusted SSL Certificate, click the menu, then select an option.
c. To view the selected certificate details, or save the certificate to your computer, click
View/Save.
Note: If the LDAP Server has encryption enabled, ensure that a certificate issued from the LDAP
server certificate authority is installed on the printer.
7. To define the number of addresses returned in a search, for Maximum Number of Search Results,
type a number from 5–100. The default number is 25. To use the maximum number of search
results specified by the LDAP server, select Use LDAP Server Maximum.
8. To allow the printer to use the current settings for the LDAP server, for Search Timeout, select Use LDAP Server Timeout. To specify a time that the printer waits before it times out, select Wait, then
type the number of seconds from 5–100. The default is 30 seconds.
Note: If you experience trouble retrieving results from your LDAP server, use the Wait option.
9. If you connect your primary LDAP server to other servers, to include more LDAP servers in your
searches, select LDAP Referrals.
10. For Perform Search on Mapped Fields, select an option.
− Name: This option instructs the printer to query the configured name field.
− Surname and Given Name: This option instructs the printer to query the configured surname
and given name fields.
−Display Name: This option instructs the printer to query the configured display name field.
Note: If you want to sort your search results, for Sort Results by Mapped Field, select an option.
11. Click Apply.
LDAP Server Contexts
Contexts are defined starting points in an LDAP database from which the search function begins
searching. Contexts are used with the Authentication feature. You can configure the printer to add an
authentication context automatically to the Login Name provided by the user.
Note: Contexts are used only if you configure LDAP server settings and select NDS as the server
type.
Configuring LDAP Contexts
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Protocol, next to LDAP, click Edit.
3. Click Add New.
4. Click the Contexts tab.
5. For Default Login Context, type details as needed.
6. Click Apply.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 51
Network Connectivity
Configuring LDAP User Mappings
LDAP servers display different results depending on how they implement mappings. Use this page to
map LDAP fields to fields on your printer. Editing current map settings allows you to fine-tune server
search results.
Defining User Mappings
1. At the top of the LDAP Server page, click User Mappings.
2. Under Search, type a user name in the Enter Name field, then click Search.
3. Under Imported Heading, click the drop-down menu for each field, then remap them as needed.
The schema on the LDAP server defines the headings.
Notes:
• If using Internet fax, ensure that the Internet Fax field is not set to No Mappings Available.
This setting prevents the Network Address Book from displaying on the Internet fax screen on
the printer control panel. If your LDAP server does not contain a unique Internet fax address
field, it can be set to match the heading for email address.
®
•If the user mapping is incorrect, an LDAP search in Xerox
work properly, but authentication at the printer panel still fails.
4. Click Apply.
CentreWare® Internet Services can
LDAP Custom Filters
You can edit custom filters so that text strings typed at the control panel are changed to match the
format that the LDAP server requires.
There are three types of filters that you can customize:
•LDAP Authentication Filter allows you to add text to the beginning or end of a User ID, or the
Login Name configured as the System Login Name for the server. Typical filters are
domain_name\USERID or USERID@domain_name.
•Email Address Book Filter allows you to customize the standard filter that is used when a user
types a name to search in the Network Address Book.
•User ID Query Filter allows you to customize the standard filter that the printer uses when
searching for the name of the logged-in user. For example, when remote authorization is
configured, and a user logs in at the control panel, the printer searches the authorization server
using this filter. The standard filter looks in the field mapped as the Login Name field. If you are
using an ADS LDAP server, this field is typically sAMAccountName. If you want a search for a
specific person to return an exact match, do not use wildcard characters.
52 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
Configuring Custom Filters
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to LDAP, click Edit.
3. Click the Custom Filters tab.
4. Under LDAP Authentication, select Prepend Domain Name. This setting prepends the base Domain
Name (DN) to a user Relative Distinguished Name (RDN) when authenticating the user. Use the
Common Name (CN) attribute to specify USERID in the base DN.
Notes:
•If Authenticated User is selected for Login Credentials to Access LDAP Server, some UNIX/Linux
LDAP servers can require setting the Prepend Domain Name attribute.
•For details on Base DN formatting, see the RFC 2849 - LDAP Data Interchange Format (LDIF)
Technical Specification on the IETF website.
5. Under Email Address Book Filter, select Enable Custom Filter.
6. Type the LDAP search string or filter as needed, where LDAP represents the string provided for the
query. The filter defines a series of conditions that the LDAP search must fulfill to return the desired
information. For example, to find people only, type (ObjectClass=Person)&(cn=LDAP*).
7. Under User ID Query Filter, select Enable Custom Filter.
8. Type the LDAP search string or filter where LDAP represents the string provided for the query. The
filter defines a series of conditions that the LDAP search must fulfill to return the desired
information. For example, to ensure that only a person is returned rather than equipment or
conference rooms, type (objectClass=user) (sAMAccountName=LDAP).
9. Click Apply.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 53
Network Connectivity
LPR/LPD
The Line Printer Daemon (LPD) and Line Printer Remote (LPR) protocols provide printer spooling and
network print server functionality for UNIX-based systems, such as HP-UX, Linux, and Macintosh.
®
1. In Xerox
2. Under Protocol, next to LPR/LPD, click Edit.
3. For Protocol, select Enabled.
4. Under Port Number, type a value.
5. Under PDL Switching, to allow multiple printer languages in a single job, select Enabled. This option
allows the printer to process a single print job that contains two or more printer languages. An
example is a PostScript print job with a PCL header.
6. Under PDL banner page attributes to override LPR control file attributes for job name and owner,
select Enabled. This feature allows you to replace the standard information displayed on a banner
page with the user name and job name from the print job.
7. Under Place temporary hold on which jobs, select an option:
− None (Use printer's default banner sheet job name if data file 1st) does not wait to receive
− Only those with data file received 1st holds the job when the data file for the job is received
− All (consistent with older implementations) puts all jobs on hold. The job prints when the
8. Click Save.
CentreWare® Internet Services, click Properties > Connectivity > Setup.
the job control information. This selection can cause banner page information to print
incorrectly.
first. This option ensures that the printer waits to receive the control file information to print
banner page details correctly.
printer receives all job data. This setting can cause jobs to print slowly but results in accurate
banner page information.
54 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
NetWare
NetWare is a network operating system developed by Novell to run various services using cooperative
multitasking.
Before you begin:
• Ensure an existing operational NetWare network is available.
• Verify that you have administrator rights to log in to a NetWare file server or tree.
• Ensure that the printer is connected to the network.
• Set up a print server object using the appropriate Novell utility. Refer to the Novell system
documentation for help.
Configuring NetWare General Settings
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to Netware, click Edit.
3. In the General pane, under Protocol, select Enabled.
4. Under Frame Type, select an option.
5. Under Queue Poll Interval, type a rate from 1 through 240 seconds.
6. Under Printer Server Name, type a name.
7. Under New Print Server Password, type a server password. Retype the password to confirm.
8. Enable Select to save new password.
9. Click Save.
Enabling SAP
Service Advertising Protocol (SAP) sends periodic broadcast messages to other network components
about available services on the printer. SAP facilitates dynamic adding and removing of services on an
IPX internetwork. As servers start up and shut down, they can advertise and remove their services using
SAP.
®
1. In Xerox
2. Under Protocol, next to Netware, click Edit.
3. In the SAP pane, under Protocol, select Enabled.
4. Under SAP Frequency, type a value from 15 through 300 seconds.
5. Click Save.
Xerox
System Administrator Guide
CentreWare® Internet Services, click Properties > Connectivity > Setup.
®
WorkCentre® 6655/6655i Color Multifunction Printer 55
Network Connectivity
Bindery Settings
Bindery services are a stand-alone database system that contains user information and security data.
NetWare can use Bindery services for authentication.
If you are using Bindery mode, under Bindery Settings, in the File Server fields, type the names of up to
four primary file servers.
Note: When the printer uses Bindery mode, the NDS Tree and NDS Context fields are ignored.
NetWare Directory Services (NDS) is a hierarchical, object-oriented database that represents all of the
assets of an organization in a logical tree structure. Assets can include printers, servers, computers,
people, organizations, and more.
®
1. In Xerox
2. Under Protocol, next to Netware, click Edit.
3. In the NetWare Directory Services (NDS) pane, select an option:
− IPv4 sets a static IPv4 address.
− Host Name is configured with an NDS server.
Note: Select NDS server only if using Workflow Scanning or server fax.
4. Under NDS Tree, type a name. If using bindery or bindery emulation, leave blank.
5. Under NDS Context, type a name. If using bindery or bindery emulation, leave blank.
6. Under NDS Server, type an IP address as needed.
7. Click Save.
CentreWare® Internet Services, click Properties > Connectivity > Setup.
NDPS/NEPS
Novell Distributed Print Services (NDPS)/Novell Enterprise Print Services (NEPS) allow you to manage
printers in an NDPS environment. To configure and manage network print services, the Xerox NDPS
solution provides Xerox
NetWare users do not need to install individual print drivers. When users connect to a printer, the proper
print driver is downloaded. Printer objects are created automatically in the NDS Tree. Users can monitor
real-time printer and job status.
To download the Xerox NDPS/NEPS Agent documentation and print drivers, go to
www.xerox.com/office/support.
56 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
®
plug-ins for Novell NWAdmin and iManager tools.
Network Connectivity
NTP
The Network Time Protocol (NTP) synchronizes the internal clocks of computers over a network
connection at system startup and every subsequent 24-hour period thereafter. If your printer uses DHCP
and an NTP server, or if a DHCP server provides Greenwich Mean Time (GMT) offset, these settings are
ignored.
®
1. In Xerox
2. Under Protocol, next to NTP, click Edit.
3. Under NTP Enabled, select Enabled.
4. Select IPV4 Address or Host Name.
5. Under IP Address: Port and Alternate IP Address: Port, type the address and port numbers.
6. Click Save.
7. For the new settings to take effect, restart your printer.
CentreWare® Internet Services, click Properties > Connectivity > Setup.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 57
Network Connectivity
POP3
Post Office Protocol, version 3 (POP3) is a protocol that allows email clients to retrieve email from remote
servers over TCP/IP on network port 110. This printer uses POP3 for the Internet fax and email features
to retrieve fax jobs over email. POP3 is not compatible with IPv6.
®
1. In Xerox
2. Under Protocol, next to POP3 Setup, click Edit.
3. Under Server Information, select IPv4 or Host Name.
4. Type the address or server name.
5. Under Login Name, type the name assigned to the printer used to log in to the POP3 server.
6. Under Password, type and confirm a password.
7. To save the new password, click Select to save new password.
8. In the POP3 Settings pane, select Enable receipt of Email via POP3.
9. Under Polling Interval, type a value from 1 through 60.
10. Click Save.
CentreWare® Internet Services, click Properties > Connectivity > Setup.
58 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
Proxy Server
A proxy server acts as a go-between for clients seeking services and servers that provide them. The proxy
server filters client requests and if the requests meet the proxy server filtering rules, it grants the request
and allows the connection.
A proxy server has two main purposes:
• To keep any devices behind it anonymous for security purposes.
• To cache content from resources, such as Web pages from a Web server, to increase resource access
time.
Configuring the Proxy Server
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to Proxy Server, click Edit.
3. In the HTTP Proxy Server pane, select Enabled.
4. Select the Proxy Server address type. Options are IPv4 Address, IPv6 Address, or Host Name.
5. Type the appropriately formatted address and port number.
6. Click Save.
Note: Proxy server settings apply to features that use HTTP or HTTPS. Examples are, Smart
eSolutions, Xerox Online Support, Workflow Scanning destinations and template pool repositories
using HTTP or HTTPS. Not all printer models support these features.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 59
Network Connectivity
Raw TCP/IP Printing
Raw TCP/IP is used to open a TCP socket-level connection over Port 9100, and stream a print-ready file
to the printer input buffer. It then closes the connection either after sensing an End Of Job character in
the PDL or after expiration of a preset timeout value. Port 9100 does not require an LPR request from the
computer or the use of an LPD running on the printer. Raw TCP/IP printing is selected in Windows as the
Standard TCP/IP port.
Configuring Raw TCP/IP Settings
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Protocol, next to Raw TCP/IP Printing, click Edit.
3. On the Raw TCP/IP Printing tab, for Protocol, select Enabled.
4. For TCP Port Number, ensure that Port 1 is set to 9100.
Note: To emulate HP JetDirect EX Plus 3, set Port 2 to 9101 and Port 3 to 9102.
5. Next to Bidirectional, for each active port, select Enabled.
6. Next to Maximum Connections per Port, for each active port, type a number from 1 through 32.
7. Next to For End of Job Timeout, for each active port, type a time in seconds from 0 through 1800.
8. Next to PDL Switching, for each active port, select Enabled as needed.
Note: PDL Switching allows the printer to switch automatically between multiple supported PDLs
within a single job.
9. To save the new settings, click Apply.
10. To return all settings to the default status, click Default All.
60 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
Configuring Raw TCP/IP Advanced Settings
1. On the Raw TCP/IP Printing page, click the Advanced tab.
2. Under Connections, set the following:
− Set the Maximum Connections per port between 1–32. The default port value is 32.
− To allow concurrent jobs to process for each port connection, type a number between 0–500
jobs in each port. Type 0 to allow unlimited concurrent jobs.
−To limit the number of jobs that are active for each port connection, type a number between
0–32768. Type 0 to allow unlimited number of active jobs.
3. Under Job Boundary Determination:
−Type the End of Job Timeout between 0–1800 seconds to specify the amount of time to pass
before a job processes with an End of Job character. The default time is 300 seconds. Type 0 to
disable end of job detection by timeout.
4. Under Backchannel Data:
−Enable Backchannel Data Transmission to Client, then, enable Out of Order Backchannel
5. Under Banner Page Printing:
6. Miscellaneous
7. Click Apply to save the new settings or Undo to retain the previous settings.
Data to allow data from several jobs to be interspersed.
Note: Out of Order Backchannel Data is only available when Backchannel Data Transmission to
Client is enabled.
−To restrict banner pages to print for specific jobs only, select the job types from the Banner
Page Enabled drop-down menu. Options are First Job Only, No Jobs, or All Jobs.
− To enable banner pages to print before each PDL document within a single job, select Enabled
for Banner Page for Each Document of Job.
−To restrict banner pages to print for jobs that specifically request them through PJL, select
Enabled for Banner Page for Job Containing only PJL Commands.
−To allow the printer to switch between multiple PDLs within a single job, select Enabled for
Language (PDL) Switching within PJL Job.
−To force parsing of job data, select Enabled for Job Data Parsing Override.
Note: Job data is not parsed when bidirectional communication and PDL switching are disabled.
Click Default All to reset settings to default values.
Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer 61
System Administrator Guide
Network Connectivity
SLP
Printers use Service Location Protocol (SLP) to announce and look up services on a local network without
prior configuration. When SLP is enabled, the printer becomes a Service Agent (SA) and announces its
services to User Agents (UA) on the network using SLP.
Directory Agents (DA) are components that cache services. They are used in larger networks to reduce
the amount of traffic. DAs are optional. If a DA is present, then User Agents (UAs) and System Agents
(SAs) are required to use it instead of communicating directly with the printer.
Configuring SLP
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to SLP, click Edit.
3. For Protocol, select Enabled.
4. For Directory Agent, type the IP address for the Directory Agent (DA) as needed.
5. To group services, under Scope 1, 2, and 3, type a name as needed. Printers cannot recognize
services that are in different scopes.
6. For Message Type, select an option.
− Multicast routes multicast packets between subnets.
− Broadcast does not route packets between subnets.
7. Under Multicast Radius, type a value from 0 through 255.
Multicast Radius defines how many routers the multicast packet can cross.
8. For Maximum Transmission Unit (MTU), type a value from 484 through 32768.
Note: The maximum MTU for IP over Ethernet is 1500 bytes.
9. Click Save.
62 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
SMB Filing
You can specify Kerberos authentication options for features that file images to an SMB-shared network
location.
Configuring Kerberos Authentication Options for SMB
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to SMB Filing, click Edit.
3. Under With Kerberos Tickets, for Workflow Scanning, Server Fax, and Scan to Home features, select
an option:
−Always File with Kerberos Ticket instructs the printer to attempt to use Kerberos
authentication to the SMB shared network location. Configure Network Authentication or
Smart Card Authentication using a Kerberos server.
−Prefer Filing with Kerberos Ticket instructs the printer to authenticate to the SMB shared
network location with a Kerberos ticket if available. If a Kerberos ticket is not available, or
Kerberos authentication fails, the printer attempts to authenticate using other methods, such
as NT, or NTLM.
−Do Not File with Kerberos Ticket instructs the printer to attempt to authenticate to the SMB
shared network location using other methods, such as NT, or NTLM. Do not select this option
when Smart Card authentication is enabled. If you select this option when Smart Card
authentication is enabled, SMB file transmission fails, and an error message appears on the
touch screen.
4. Under Without Kerberos Tickets, click the appropriate link to navigate to the Configuration Page for
features that use SMB as needed. Features listed use SMB, but cannot use Kerberos authentication.
Disable these features or configure them to use a protocol other than SMB for FIPS 140 compliance.
5. Click Save.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 63
Network Connectivity
SMTP Server
Simple Mail Transfer Protocol (SMTP) is an Internet standard used to transmit email across IP networks.
Your printer uses SMTP to transmit scanned images, Internet fax jobs, and alerts through email.
Configuring SMTP Server Settings
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to SMTP, click Edit.
3. To allow the printer to use DNS to identify an SMTP server on your network automatically, under
Server, select Use DNS.
4. To specify an SMTP server manually, select Specify SMTP Server manually.
a. For address type, select an option. Options are IPv4 Address, IPv6 Address, or Host Name.
b. Type the appropriately formatted address and port number.
5. Under Device Email Address, type the email address of the printer.
6. Click Apply.
Configuring SMTP Authentication Settings
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Protocol, next to SMTP (Email), click Edit.
3. On the SMTP (Email) page, click the SMTP Authentication tab.
4. For SMTP Login credentials applied to email jobs sent from the touch interface of the printer, select
an option.
− None: The server does not require the printer to provide a user name or password.
− System: The printer uses the information provided in the Login Name and Password fields to
access the server.
− Logged-in User: The printer provides the credentials of the authenticated user to the server.
− Prompt at User Interface: This option requires users to type a login name and password at the
control panel.
5. For SMTP Login credentials for the printer to Access the SMTP Server to send automated emails,
select an option.
− None: The server does not require the printer to provide a user name or password.
− System: The printer uses the information provided in the Login Name and Password fields to
access the server.
6. Click Apply.
64 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
Configuring SMTP Connection Encryption Settings
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Protocol, next to SMTP (Email), click Edit.
3. On the SMTP (Email) page, click the Connection Encryption tab.
4. To encrypt SMTP communication, for Encryption Mechanism used by devices when Communicating with the SMTP Server, select an option.
Note: If you do not know the encryption method that your server supports, select STARTTLS (if
available). If you select STARTTLS (if available), the printer attempts to use STARTTLS. If your
server does not support STARTTLS, SMTP communication is not encrypted.
5. Click Apply.
Configuring SMTP File Size Management
1. On the SMTP (Email) page, click the File Size Management tab.
2. To define a maximum message size for messages with attachments, type a value between
512–20480 KB in the Maximum Message Size field.
3. To improve transmission speed, set messages to fragment between 1–500 times.
4. To set a maximum job size, type a value between 512–2000000 KB in the Total Job Size field.
5. If you selected more than 1 fragment in Number of Fragments, under Email Job Splitting Boundary,
select an option:
− Page Boundary instructs the mail client not to reassemble the job on receipt.
− Automatic Boundary instructs the mail client to reassemble the job on receipt.
6. Click Apply.
Testing SMTP Configuration Settings
1. On the SMTP (Email) page, click the Test Configuration tab.
2. Under To Address, type an email address.
3. To send a test email to the address, click Send Email.
If the email transmission succeeds, a confirmation message appears. If the transmission fails, an
error message appears.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 65
Network Connectivity
SNMP
Simple Network Management Protocol (SNMP) is a set of network protocols designed to allow you to
manage and monitor devices on your network.
®
You can use the SNMP configuration pages in Xerox
• Enable or disable Authentication Failure Generic Traps.
• Enable SNMPv3 to create an encrypted channel for secure printer management.
• Assign privacy, authentication protocols, and keys to Administrative and key user accounts.
• Assign read and write access to User accounts.
• Limit SNMP access to the printer using hosts.
Enabling SNMP
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to SNMP, click Edit.
3. Select an option:
− To enable SNMP v1/v2c, select Enable SNMP v1/v2c Protocols.
− To enable SNMP v3, select Enable SNMP v3 Protocol.
4. To prompt the printer to generate a trap for every SNMP request processed with an invalid
community name, for Authentication Failure Generic Traps, select Enabled.
5. Click Save.
CentreWare® Internet Services to:
Configuring SNMPv1/v2c
SNMP version 1 (SNMPv1) is the initial implementation of the SNMP protocol. SNMPv1 operates over
protocols such as User Datagram Protocol (UDP), IP, and Novell Internet Packet Exchange (IPX).
SNMPv2c includes improvements in performance, confidentiality, and manager-to-manager
communications over SNMPv1, however it uses the simple-community based security scheme of
SNMPv1.
®
1. In Xerox
2. Under Protocol, next to SNMP, click Edit.
3. Click Edit SNMPv1/v2c Properties.
4. Under GET Community Name, type a name.
GET returns the password for the SNMP GET requests to the printer. Applications obtaining
information from the printer using SNMP, such as Xerox
password.
66 Xerox
System Administrator Guide
CentreWare® Internet Services, click Properties > Connectivity > Setup.
®
CentreWare® Internet Services, use this
®
WorkCentre® 6655/6655i Color Multifunction Printer
Network Connectivity
5. Under SET Community Name, type a name.
SET returns the password for the SNMP SET requests to the printer. Applications that set
information on the printer using SNMP use this password.
CAUTION: Changes made to the GET or SET community names for this printer require corresponding
changes to the GET or SET community names for applications using SNMP.
6. Under TRAP Community Name, type a name.
Note: Use the Default TRAP Community Name to specify the default community name for all traps
the printer generates. Individual Trap Community Names specified for each trap destination
address can override the community name. Each Trap Community Name must be unique.
7. Click Save to apply the new settings or Undo to retain the previous settings.
Configuring SNMPv3
SNMPv3 is the current standard version of SNMP defined by the Internet Engineering Task Force (IETF).
It provides three important security features:
• Message integrity to ensure that a packet has not been tampered with in transit
• Authentication to verify that the message is from a valid source
• Encryption of packets to prevent unauthorized access
Editing SNMPv3 Properties
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to SNMP, click Edit.
3. Click Edit SNMPv3 Properties.
4. To create the administrator account, under Administrator Account, select Account Enabled.
5. Type and confirm the Authentication Password. The Authentication Password is used to generate a
key used for authentication.
6. Type and confirm the Privacy Password. The Privacy Password is used for encryption of SNMPv3
data. The passphrase used to encrypt the data must match the passphrase on the Server.
Note: Ensure that the passwords are at least eight characters in length. You can include any
characters except control characters.
7. To save the new password, click Select to save new password.
8. Under Print Drivers/Remote Clients Account, click Account Enabled. To reset the default password,
click Reset. This account allows Xerox
9. Click Save to apply the new settings or Undo to retain the previous settings.
®
clients and drivers limited access to objects on the printer.
Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer 67
System Administrator Guide
Network Connectivity
Configuring SNMP Advanced Settings
You can add, edit, or delete IP and IPX addresses for Network Management workstations that receive
traps from the printer.
Configuring SNMP Advanced Settings
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to SNMP, click Edit.
3. Click Advanced Settings.
4. To add an IP trap destination address, under Trap Destination Addresses, click Add IP Address.
5. To add an IPX trap destination address, under Trap Destination Addresses, click Add IPX Address.
6. To edit an address, next to the address click Edit.
7. To delete an address, select the check box next to the address and click Delete.
Adding or Editing an IP Trap Destination Address
1. On the Advanced Settings page, click Add IP Address, or select an existing address and click Edit.
2. Type the IP address of the host running the SNMP manager that receives traps.
3. Type the UDP Port Number. The default is 162 for traps.
4. Select the SNMP version based on what the system receiving traps supports.
5. Select the type of traps that the SNMP manager receives under Traps to be Received.
6. Click Save to apply the new settings or Undo to retain the previous settings.
7. Click Cancel to return to the previous page.
Adding or Editing an IPX Trap Destination Address
1. On the Advanced Settings page, click Add IPX Address, or select an existing address and click Edit.
2. Type the 8-digit hexadecimal number that identifies the IPX External Network host configured to
receive the trap.
3. Type the 48-bit Physical MAC Address of the computer running the SMNP manager application
receiving the trap.
4. Type the IPX Socket Number of the computer running the SNMP manager application configured to
receive the packets. The default IPX Socket Number is 9010.
5. Select the SNMP Version.
6. Select the type of traps that the SNMP manager receives under Traps to be Received.
7. Click Save to apply the new settings or Undo to retain the previous settings.
8. Click Cancel to return to the previous page.
68 Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer
System Administrator Guide
Network Connectivity
SSDP
Simple Service Discovery Protocol (SSDP) provides processes to allow network clients with little or no
static configuration to discover network services. SSDP provides multicast discovery, server-based
notification, and discovery routing options.
®
1. In Xerox
2. Under Protocol, next to SSDP, click Edit.
3. For Protocol, select Enabled.
4. Under Cache Control, type a number from 1 through 43200.
5. Under Time to Live, type a number from 1 through 60.
6. Click Save.
CentreWare® Internet Services, click Properties > Connectivity > Setup.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 69
Network Connectivity
WSD
Web Services for Devices (WSD) is technology from Microsoft that provides a standard method for
discovering and using network connected devices. It is supported in Windows Vista, Windows Server
2008, and newer operating systems. WSD is one of several supported communication protocols.
Enabling WSD
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. Under Protocol, next to WSD, click Edit.
3. Under WSD Services, select Enabled.
4. Click Save.
70 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
• Disabling the System Administrator Password Reset ......................................................................................... 132
www.xerox.com/security
4
Security
This chapter includes:
• Setting Access Rights .......................................................................................................................................................... 72
• FIPS 140-2 ............................................................................................................................................................................... 94
• Stored Data Encryption ..................................................................................................................................................... 96
• IP Filtering ............................................................................................................................................................................... 97
• System Timeout .................................................................................................................................................................. 120
• Overwriting Image Data ................................................................................................................................................. 121
• USB Port Security ............................................................................................................................................................... 126
• Displaying or Hiding Network Settings ..................................................................................................................... 127
• Hiding User Names on the Control Panel ................................................................................................................
• Verifying the Software ..................................................................................................................................................... 129
• Specifying Email and Internet Fax Recipient Restrictions ................................................................................ 131
128
See also:
®
Xerox
System Administrator Guide
WorkCentre® 6655/6655i Color Multifunction Printer 71
Security
Setting Access Rights
You can control access to services and features by setting up authentication and authorization.
Personalization allows the printer to retrieve user information to customize features.
Authentication
Authentication is the process of confirming your identity. When the system administrator enables
authentication, the printer compares the information that you provide to another source of information,
such as an LDAP directory. The information can be a user name and password, or the information stored
on a magnetic, proximity, or smart card. If the information is valid, you are considered an authenticated
user.
There are several ways to authenticate a user:
•User Name / Password - Validate on the Device enables local authentication. Users prove their
identity by typing a user name and password at the control panel or in Xerox
Internet Services. The printer compares the user credentials to the information stored in the user
database. If you have a limited number of users, or do not have access to an authentication server,
use this authentication method.
•User Name / Password - Validate on the Network enables network authentication. Users prove
their identity by typing a user name and password at the control panel or in Xerox
Internet Services. The printer compares the user credentials to the information stored on an
authentication server.
®
CentreWare®
®
CentreWare®
Note: The printer can use one of the following authentication server types: Kerberos (Solaris or
Windows), NDS, SMB (Windows 2000/2003), or LDAP.
•Convenience Authentication enables authentication for a proximity card reader. Users swipe a
pre-programmed identification card at the control panel. To use this method, purchase and install a
®
USB card reader and an authentication server that supports the Xerox
Convenience Authentication
API.
•Xerox Secure Access Unified ID System enables authentication for the Xerox Secure Access
Unified ID System. Users present a pre-programmed identification card to a card reader at the
control panel. The printer compares the user credentials to the information stored on the Xerox
Secure Access server. To use this method, purchase and install the Xerox Secure Access Unified ID
System.
•Smart Cards enables authentication for a smart card reader. Users insert a pre-programmed
identification card in a carder reader at the control panel. To use this method, purchase and install a
smart card reader system.
®
72 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Security
Authorization
Authorization is the function of specifying the features that users are allowed to access, and the process
of approving or disapproving access. You can configure the printer to allow users to access the printer,
but restrict access to certain features, tools, and services. For example, you can allow users to access
copying but restrict access to scanning. You can also control access to features at specific times of the
day. For example, you can restrict a group of users from printing during peak business hours.
There are two types of authorization:
• Local Authorization verifies user information on the printer to approve access.
• Network Authorization verifies user information stored externally in a network database, such as
an LDAP directory, to approve access.
Personalization
Personalization is the process of customizing services for a specific user. The printer searches an LDAP
directory for the home directory and email address of a user when using Scan to Home, or Email
Scanning features.
Setting the Login Method
1. In Xerox® CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
2. Click Login Methods.
3. In the upper right-hand corner, click the pencil icon.
4. To set the authentication method for logging in to control panel, under Touch UI Method, select an
option.
5. If you selected Convenience Authentication or Smart Cards as the authentication method, you can
also allow users to log in at the control panel. This option is useful if a user loses their smart card,
but must access the printer. Under Alternate authentication method on the machine's touch
interface, select User Name / Password Validated Remotely on the Network.
®
6. To set the authentication method for logging in to Xerox
Web UI Method, select an option.
7. To retrieve the home directory and email address of a user when using Scan to Home, or Email
Scanning features, select Personalize Touch UI.
8. Click Save.
CentreWare® Internet Services, under
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 73
Security
Configuring Authentication Settings
Configuring Local Authentication Settings
When you configure local authentication, users prove their identity by typing a user name and password
at the control panel or in Xerox
®
CentreWare® Internet Services. The printer compares the user
credentials to the information stored in the user database. If you have a limited number of users, or do
not have access to an authentication server, use this authentication method.
To configure access rights using local authentication:
•Set the login method to User Name / Password - Validate on the Device. For details, see Setting
the Login Method on page 73.
• Add user information to the user information database.
• If you enabled Personalization, configure LDAP server settings.
• Configure authorization settings. For details, see Authorization on page 84.
®
The Login Methods page in Xerox
CentreWare® Internet Services provides links to authentication and
personalization configuration settings.
1. In Xerox
2. Click Login Methods.
®
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
User Database
The user database stores user credential information. The printer uses this information for local
authentication and authorization, and for Xerox
authentication, the printer checks the credentials that a user provides against the information in the user
database. When you configure local authorization, the printer checks the user database to determine
which features the user is allowed to access.
Note: User names and passwords stored in the user database are not transmitted over the network.
®
Standard Accounting. When you configure local
74 Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer
System Administrator Guide
Adding User Information to the User Database
1. In Xerox® CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
2. For Device User Database, click Edit.
3. Click Add New User.
4. Type a User Name and Friendly Name for the user.
5. Type a Password for the user, then retype it to verify.
Notes:
• The Password field only appears if the selected authentication method is local authentication.
• If you have configured local authorization, you can add the user to a role.
6. To add the user to a role, select the check box next to the role:
−Accounting Administrator: This role allows the user to access accounting settings and other
services and settings that are locked.
−System Administrator: This role allows the user to access all services and settings.
Note: If you have created any user roles, they also appear in the list.
7. Click Save.
Security
Specifying Password Requirements
1. In Xerox® CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
2. For Device User Database, click Edit.
3. Click Password Settings.
4. Specify the password Minimum Length and Maximum Length.
5. Select rules as desired:
− Cannot contain Friendly Name
− Cannot contain User Name
− Must contain at least one number
6. Click Save.
Note: New password rules do not affect existing passwords.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 75
Security
Configuring Network Authentication Settings
When you configure network authentication, to prove their identity, users type their name and password
in at the control panel or in Xerox
®
CentreWare® Internet Services. The printer compares the user
credentials to the information stored on an authentication server.
Note: If two or more authentication servers are configured, then the IPP Authentication Policy
window appears. The IPP Authentication Policy is used to determine which server to use for IPP
Authentication.
To configure access rights using network authentication:
•Set the login method to User Name / Password - Validate on the Network. For details, see Setting
the Login Method on page 73.
• Provide information about your authentication server and configure authentication server settings.
• If you enabled Personalization, configure LDAP server settings.
• Configure authorization settings. For details, see Authorization on page 84.
®
The Login Methods page in Xerox
CentreWare® Internet Services provides links to authentication and
personalization configuration settings.
1. In Xerox
2. Click Login Methods.
®
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
Configuring Authentication Server Settings for Kerberos
1. On the Login Methods page, for Authentication Servers, click Edit.
2. For Authentication Type, select Kerberos.
3. Click Add New.
4. For Server Information, in the Domain or Realm field, type the domain or realm for your
authentication server.
5. Select the desired address type.
6. Type the appropriately formatted address and port numbers for both the primary and backup
addresses.
Note: A backup address is optional.
7. To use an LDAP server for network authorization or personalization:
a. Click Add LDAP Mapping.
b. Select the LDAP server from the list and click Add Mapping, or click Add New to add an LDAP
server.
8. Click Save.
9. To specify server settings for an alternate authentication server, click Add New.
10. To copy the settings from another server, select a server from the list, then click Copy From.
11. To update the settings, click Edit.
76 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Configuring Authentication Server Settings for NDS
1. On the Login Methods page, next to Authentication Servers, click Edit.
2. Under Authentication Type, select NDS (Novell).
Note: If you do not see this authentication type, ensure that the NetWare protocol has been
enabled under Connectivity > Setup > NetWare > Edit.
3. Click Add New.
4. Under Default Tree/Context, in the Tree and Context fields, type the details.
5. Click Save Server.
6. To specify server settings for an alternate authentication server, click Add New.
7. To copy the settings from another server, select a server from the list and click Copy From.
8. Click Edit to update the settings.
Configuring Authentication Server Settings for SMB
1. On the Login Methods page, next to Authentication Servers, click Edit.
2. Under Authentication Type, select SMB (Windows NT 4) or SMB (Windows 2000/2003).
3. Click Add New.
4. Under Domain, type the domain name of your authentication server.
5. Select the address type.
6. Type the appropriately formatted address and port number.
7. Click Save.
8. To specify server settings for an alternate authentication server, click Add New.
9. To copy the settings from another server, select a server from the list and click Copy From.
10. Click Edit to update the settings.
Security
Configuring Authentication Server Settings for LDAP
The printer uses the primary LDAP server for authentication, authorization, and personalization. The
primary LDAP server is the server that appears at the top of the LDAP server list on the LDAP Server
page in Xerox
the printer uses this server automatically when you select LDAP as the network authentication or
authorization method. The printer only uses alternate LDAP servers for authorization and
personalization when primary LDAP server communication fails.
1. On the Login Methods page, next to Authentication Servers, click Edit.
2. Under Authentication Type, select LDAP.
3. Click Add New.
4. Configure LDAP server settings, then click Apply.
Xerox
System Administrator Guide
®
CentreWare® Internet Services. If you already have configured LDAP server settings,
®
WorkCentre® 6655/6655i Color Multifunction Printer 77
Security
Configuring Xerox Secure Access Unified ID System Authentication Settings
When Xerox® Secure Access authentication is configured, users swipe a pre-programmed identification
card at the control panel. The printer compares the user credentials to the information stored on the
®
Xerox
Unified ID System.
To configure access rights using Xerox Secure Access Unified ID System authentication:
• Install the Xerox
• Enable the Authentication and Accounting Configuration Web service. For details, see HTTP on
• Format and configure identification cards.
• Connect your card reader to the USB Port.
• Set the login method to Xerox Secure Access - Unified ID System For details, see Setting the Login
• Configure Xerox
• Enable the Xerox
• If you enabled Personalization, configure LDAP server settings. For details, see LDAP server settings
• Configure authorization settings. For details, see Authorization on page 84.
Secure Access server. To use Xerox® Secure Access, purchase and install the Xerox Secure Access
®
Secure Access authentication server software and configure it with user accounts.
For details, see the Xerox Secure Access Unified ID System documentation.
page 41.
Method on page 73.
®
Secure Access Setup settings.
®
Secure Access Web service. For details, see HTTP on page 41.
on page 49.
®
The Login Methods page in Xerox
CentreWare® Internet Services provides links to authentication and
personalization configuration settings.
1. In Xerox
2. Click Login Methods.
®
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
Configuring Xerox Secure Access
1. On the Login Methods page, next to Xerox® Secure Access Setup, click Edit.
2. Configure the remote server. For details, see the instructions provided with your server hardware.
Once the server is configured, it communicates with the printer and automatically completes the
configuration process.
3. To configure communication manually, personalize instructional windows, and review accounting
options, click Manually Configure.
4. To return to the Login Methods page, click Pending Remote Server Setup.
5. To configure any settings that are marked in red text as Required; Not Configured, in the table at
the bottom of the page, click Edit.
78 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Security
Manually Configuring Xerox Secure Access Settings
If you are using Xerox® Secure Access for authentication, you can manually configure remote server
communication, personalize instructional windows, or review accounting options.
Before you begin:
®
Configure the Xerox
1. On the Login Methods page, next to Xerox
2. Click Manually Configure.
3. Under Server Communication, select the address type and port number.
4. Type the appropriately formatted address and port number.
5. In the Path field, type the following HTTP path: public/dce/xeroxvalidation/convauth.
6. Under Embedded, select Enabled.
7. Under Device Log-In Methods, select an option:
− Xerox Secure Access Device Only allows users to access the printer only using the card reader.
access the printer by logging in at the control panel.
8. When Network Accounting is configured, the printer can obtain user accounting information from
the authentication server. To reduce the number of screens that appear when a user logs in at the
control panel, select Automatically apply Accounting Codes from the server.
If you want users to provide an accounting code at the control panel, select User must manually enter accounting codes at the device.
9. To create login instructions for users, under Device Instructional Blocking Window, type text in the
fields.
a. In the Window Title field, type text to appear as a title at the top of the touch screen.
b. In the Instructional Text field, type instructions that appear below the title.
Secure Access authentication server.
®
Secure Access Setup, click Edit.
Note: If the Title and Prompt are configured on the Xerox Partner authentication server, then any
instructional text that you type is ignored.
10. Click Save.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 79
Security
Configuring Convenience Authentication Settings
When Convenience Authentication is enabled, users swipe a pre-programmed identification card
through a proximity card reader at the control panel. To use this method, purchase and install a USB
card reader and an authentication server that supports the Xerox
®
The Login Methods page in Xerox
CentreWare® Internet Services provides links to authentication and
personalization configuration settings.
1. In Xerox
®
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
2. Click Login Methods.
To configure access rights using Convenience Authentication:
• Format and configure identification cards.
• Connect your card reader to the USB Port.
®
•Enable the Xerox
Secure Access Web service.
•Set the login method to Convenience Authentication. For details, see Setting the Login Method on
page 73.
•To provide information about your authentication server, next to Convenience Authentication
Setup, under Action, click Edit.
®
•To enable the Xerox
Secure Access Web service, next to Web Service Enablement, under Action,
click Edit.
• To configure card reader policies, next to Card Reader Setup, click Edit.
• To customize the title and instruction text that appears on the blocking screen, next to Customized
Blocking Screen, click Edit.
•If you selected an alternate login method that requires a network authentication server, provide
information about your server. Next to Authentication Servers, under Action, click Edit.
•To provide information about your LDAP server for personalization, next to LDAP Servers, under
Action, click Edit.
•Configure authorization settings. For details, see Authorization on page 84.
®
Convenience Authentication API.
Configuring an Authentication Server for Convenience Authentication
1. On the Login Methods page, next to Convenience Authentication Setup, click Edit.
2. Under Server Communication, select an address type. Type the appropriately formatted address or
host name of your server and change the default port number as needed.
3. Under Path, type the path of the authentication Web service on your server.
4. When Network Accounting is configured, the printer can obtain user accounting information from
the authentication server. To reduce the number of screens that appear when a user logs in at the
control panel, select Automatically apply Accounting Codes from the server.
If you want users to provide an accounting code at the control panel, select User must manually enter accounting codes at the device.
5. Click Save.
80 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Security
Configuring Smart Card Authentication Settings
When Smart Card authentication is configured, users swipe a pre-programmed identification card at the
control panel. Purchase and install a Smart Card reading system before configuring Smart Card
authentication.
To configure access rights using Smart Card authentication:
•Provide information about your domain controller servers and configure Domain Controller and NTP
settings.
• Set the login method to Smart Cards. For details, see Setting the Login Method on page 73.
• If you want to validate certificates, configure Certificate Validation options and provide
information about your OCSP server.
• If needed, configure Smart Card Inactivity Timer settings.
• If needed, specify the method the printer uses to acquire the email address of a user by configuring
email Smart Card Policies.
• If you want a custom image to appear at the control panel, import your image.
• If you enabled Personalization, configure LDAP server settings.
• Configure authorization settings. For details, see Authorization on page 84.
®
The Login Methods page in Xerox
CentreWare® Internet Services provides links to authentication and
personalization configuration settings.
1. In Xerox
2. Click Login Methods.
®
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 81
Security
Setting Up Authentication for a Smart Card System
Domain Controller
1. On the Login Methods page, next to Domain Controllers, click Edit. The domain controller server
must validate the domain certificate on the smart card of the user before the user can access the
printer.
2. Click Add Domain Controller.
3. If you are using a Windows-based domain controller, under Domain Controller Type, select
Windows-Based Domain Controller.
4. Type the domain controller server address information.
5. Click Save to apply the new settings or Cancel to return to the previous screen.
6. To change the search priority of the domain controller, click Change Domain Priority.
a. To change the priority of the server, select a server in the list and click the arrows.
b. Click Close.
7. To configure NTP settings, next to Network Time Protocol, click Edit. Synchronize the domain
controller time with the time set on the printer.
Note: Xerox recommends that you enable NTP to ensure time synchronization.
8. To return to the Login Methods page, click Close.
To associate an LDAP server with your Domain Controller for authorization or personalization, under
LDAP Server Mapping, click Add LDAP Mapping.
Configuring OCSP Validation Server Settings
If you have an OCSP server, or an OCSP certificate validation service, you can configure the printer to
validate certificates installed on the domain controller.
Before you begin:
Add a domain controller.
1. On the Login Methods page, next to Certificate Validation, click Edit.
2. Select a validation method and click Next.
3. On the Required Settings page, type the URL of the OCSP server.
4. To ensure that the printer can communicate with the OCSP server and the domain controller,
configure your proxy server settings as needed.
5. For each domain controller listed, under Domain Controller Certificate, select the corresponding
domain controller certificate from the menu. If there are no certificates installed, click Install Missing Certificate.
6. Click Save.
Setting the Inactive Time Limit
1. On the Login Methods page, next to Smart Card Inactivity Timer, click Edit.
2. Specify the maximum amount of time before a user is logged out automatically. Type the time in
minutes.
3. Click Save.
82 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Specifying the Method the Printer Uses to Acquire Email Address of Users
1. On the Login Methods page, next to Acquired Logged-in User's Email Address, click Edit.
2. Under Acquire logged-in user's email address from, select an option:
−Auto instructs the printer to attempt to acquire the email address of the user from the Smart
Card. If an email address is not associated with the Smart Card, the printer searches the
Network Address Book. If an email address is not found, the printer uses the email address
specified in the From Field. Edit From Field settings on the Required Settings tab of the Email
Setup page.
−Only Smart Card instructs the printer to acquire the email address of the user from the Smart
Card.
−Only Network Address Book (LDAP) instructs the printer to search the Network Address Book
to acquire the email address of the user.
3. To configure LDAP server settings, under Server Configuration, next to Network Address Book
(LDAP), click Edit.
4. To enable or disable Personalization, under Feature Enablement, next to Acquire Email from
Network Address Book, click Enable Personalization or Disable Personalization.
5. Click Save.
Security
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 83
Security
Configuring Authorization Settings
Setting the Authorization Method
1. In Xerox® CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
2. Click User Permissions.
3. To edit the User Permissions Method, for Touch and Web User Interfaces, click Edit.
4. For User Permissions Method, select an option.
5. Click Save.
Configuring Local Authorization Settings
When you configure local authorization, the printer references the user database for authorization
information for the authenticated user.
To configure local authorization:
• Add user information to the user information database.
• Configure User Permissions.
®
The User Permissions page in Xerox
CentreWare® Internet Services provides links to authorization
configuration settings.
®
1. In Xerox
2. Click User Permissions.
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
Configuring Network Authorization Settings
When you configure network authorization, the printer references an authorization server for
authorization information for the authenticated user.
To configure network authorization:
• Provide information about your authorization server and configure authorization server settings.
• Configure User Permissions.
®
The User Permissions page in Xerox
configuration settings.
®
1. In Xerox
2. Click User Permissions.
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
CentreWare® Internet Services provides links to authorization
84 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Security
Configuring Network Authorization Server Settings
1. On the User Permissions page, under Action, next to LDAP Server or SMB Server, click Edit.
2. If you are using an LDAP server for authorization, configure LDAP server settings as needed. For
details, see LDAP on page 49.
Note: The printer uses the primary LDAP server for authentication, authorization, and
personalization. The primary LDAP server is the server that appears at the top of the LDAP server list
on the LDAP Server page in Xerox
LDAP server settings, the printer uses this server automatically when you select LDAP as the network
authentication or authorization method. The printer only uses alternate LDAP servers for
authorization and personalization when primary LDAP server communication fails.
3. If you are using an SMB server for authorization:
a. Under Configuration, type the Default Domain.
b. Select the address type.
c. Type the appropriately formatted IP address.
d. Under Login Credentials to Access SMB Server, select an option:
• None does not require the printer to provide the server a user name or password.
• Logged-in User instructs the printer to log in to the repository using the credentials of the
logged-in user.
•System uses the information provided in the Login Name and Password Fields to access
the server.
e. If you select System, type the Login Name and Password used to access the server. Type the
password, then type the password again to verify.
f. Enable Select to save new password to update the password for an existing Login Name.
g. Click Save.
®
CentreWare® Internet Services. If you already have configured
User Permissions
You can control access to service and tools, and printing times and methods for a group of users.
Print permissions are rules that allow you to control printing times and methods for a group of users. You
can:
• Restrict color printing, requiring users to print in black and white.
• Restrict 1-sided printing, requiring users to print 2-sided.
• Restrict a Job Type, such as Secure Print.
• Restrict access to specific paper trays.
• Specify the software applications from which users are allowed to print.
• Restrict printing, color printing, and 1-sided printing from specific software applications.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 85
Security
Services and Tools permissions are rules that allow you to control access to features or configuration
settings for a group of users. You can configure Services and Tools to:
• Restrict access to specific services, such as Copy, Email, or Fax.
• Restrict access to settings managed on the Tools menu at the control panel.
®
•Restrict access to settings managed on the Properties tab in Xerox
CentreWare® Internet Services.
Note: Not all options listed are supported on all printers. Some options apply only to a specific
printer model, configuration, operating system, or driver type.
User Roles
A role is a set of permissions associated with a group of users. To edit permissions for a group of users,
you edit permissions for a role.
There are two types of roles:
•The Non-Logged-In Users Role applies to any user who accesses the printer, but is not
authenticated. This role also applies to anyone who sends a job that is not associated with a user
name or job owner. Examples are a job sent using LPR, or a job sent from a mainframe application.
•Logged-In Users Roles are roles that you create. These roles apply to authenticated users only. You
can assign specific users or user groups to the role, or you can create a role that applies to all
authenticated users.
Editing Print Permissions for the Non-Logged-In Users Role
1. In Xerox® CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
2. Click User Permissions.
3. Under Action, next to User Permission Roles, click Edit.
4. Click the Non-Logged-In Users tab.
5. Under Actions, click Edit.
6. Click the Print tab.
7. To edit print permissions, next to a print setting that you want to restrict, click Edit.
86 Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer
System Administrator Guide
Security
Setting Black and White and Color Print Permissions
1. On the When Users can Print page, select an option.
2. Under Allow Printing, select when users can print:
− Always to allow printing at all times.
− Monday – Friday from to allow printing on weekdays. Select when users are allowed to print
from the From Time and To Time menus.
−Time of Day (Advanced) to allow printing on specific days during a specific time range. Select
the From Time and To Time, and click Add Time Range next to the day. To delete, click the
trash can icon.
−Never to restrict printing at all times.
3. To specify permissions for Color and Black and White printing independently, select Make color printing more restrictive than black & white printing.
4. Click Save.
Note: Not all options listed are supported on all printers. Some options apply only to a specific
printer model, configuration, operating system, or driver type.
Setting 1-Sided Print Permissions
1. On the 1-Sided Printing page, under Role State, select Not Allowed to require users to print 2-sided.
2. Click Save.
Setting Job Type Print Permissions
1. On the Job Types page, under Presets, select one of the following options:
− Allow all Job Types allows users to print any job type.
− Only Allow Secure Print ensures that users only send secure print jobs.
− Custom allows you to select the job types that users are allowed to send.
2. If you selected Custom, under Role State, next to each job type, select Not Allowed to restrict users
from using the job type.
3. Click the Lock icon to lock all job types or click the Unlock icon to unlock all job types.
4. Click Save.
Setting Paper Tray Print Permissions
1. To restrict users from using a paper tray, under Role State, next to the paper tray, select Not
Allowed.
2. To lock all paper trays, click the Lock icon. To unlock all paper trays, click the Unlock icon.
3. Click Apply.
Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer 87
System Administrator Guide
Security
Setting Application Print Permissions
1. On the Applications page, click Add New Application.
2. From the Application List, select an application.
Note: To add an application to the list, submit a print job from that application to the printer.
3. To restrict users from using the printing method, for Role State, next to a permission type, select
Not Allowed.
4. Click Apply.
Note: Not all options listed are supported on all printers. Some options apply only to a specific
printer model, configuration, operating system, or driver type.
Managing the List of Applications
Application Manager allows you to associate Application IDs with an Application Group. Application
Group Names for common application types appear in the table at the bottom of the Application
Manager page. The associated Application IDs appear next to each of the Application Group Names. An
Application ID identifies the application from which the job was sent. To control print permissions for an
application, the Application ID of the application must be associated with an Application Group Name.
If you send a job from an application that is not in the default list, a new Application ID appears in the
Custom Application ID list.
1. On the Applications page, click Application Manager.
2. To associate a custom Application ID with an existing Application Group, under Actions, click Merge With.
a. Under Merge With the Application Group, select an application from the menu.
b. Click Save.
3. To create a new Application Group, under Actions, click Make This A Group.
a. Under Application Group Name, type a name for the group.
b. Click Save.
4. To delete a custom Application ID, under Actions, click Delete.
5. To delete or disassociate a custom Application ID from an Application Group Name, under Actions,
click Manage next to an Application Group Name.
a. Click Un-Merge to disassociate the Application ID, or click Delete to delete the Application ID.
b. Click Close.
6. To create a custom Application ID, click Add Manually.
a. Under Application ID, type an Application ID.
b. Click Save.
7. Click Close to return to the Applications page.
88 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Security
Editing Services and Tools Permissions for the Non-Logged-In Users Role
1. In Xerox® CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
2. Click User Permissions.
3. Under Action, next to User Permission Roles, click Edit.
4. Click the Non-Logged-In Users tab.
5. For Actions, click Edit.
6. Click the Services and Tools tab.
7. For Presets, select an option.
8. If you select Custom, under Role State, for each service or tool in the list, select Allowed or Not Allowed.
9. To hide a service icon on the printer touch screen, select Not Allowed.
10. Click Apply.
Creating a New Role
To edit permissions for a specific group of users, first create a role.
1. In Xerox
2. Click User Permissions.
3. For User Permission Roles, click Edit.
4. Click the Logged-In Users tab.
5. To create a new role, click Make Your Own Permission Roles.
6. For New Permission Profile, type a name and description for the role.
7. To configure access for users to services, click View Quick Setup Options, then select options.
®
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
Note: If you do not select an option, print permissions are set to Allowed. The default permissions
for a new role are the same as the Non-Logged-In user role.
8. Click Create.
9. To assign users to the role, or to configure permissions for the role, click either the Print link or the
Services and Tools link.
10. To save, click Apply.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 89
Security
Assigning Users to a Role for Local Authorization
Once you configure local authorization, add user information to the user database, and create a
user-defined permission role, you can assign users to the role.
®
1. In Xerox
2. Click User Permissions.
3. For User Permission Roles, click Edit.
4. Click the Logged-In Users tab.
5. To add users to a user-defined permission role, for the desired role, click Edit User Mappings.
6. For Methods, select an option.
− Select Individual Users: This option allows you to select the users that you want to assign to
− All Logged-in Users: This option assigns all users to the role. To remove individual users from
7. To create a user entry and add it to the role, click Add New User.
8. Click Apply.
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
the role.
this list, select Exceptions, then select the users to remove.
Assigning User Groups to a Role for Network Authorization
Once you configure network authorization, you can assign LDAP or SMB groups of users to roles.
®
1. In Xerox
2. Click User Permissions.
3. Under Action, next to User Permission Roles, click Edit.
4. Click the Logged-In Users tab.
5. Next to a role, click Edit User Mappings.
6. Under Methods, select an option:
− Assign Groups allows you to select the user groups that you want to assign to the role.
− All Logged-in Users assigns all user groups to the role.
To select specific user groups to remove from the role, select All Logged-in Users and Exceptions.
All other user groups are assigned to the role.
7. If you chose Select Individual Users, or Exceptions, select user groups.
a. If you know the name of the group you want to add, under Assign Groups, type the group
Note: If LDAP or SMB server settings are not configured, you cannot search for and add groups.
b. To add a group to the role, select the group from the list and click Add. To add all groups from
c. To remove a group, select the group in the Users in Assigned Groups list and click Remove. To
8. Click Apply.
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
name and click Search for Groups.
the list to the role, click Add All.
Groups assigned to the role appear in the Users in Assigned Groups list.
remove all groups from the list, click Remove All.
90 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Security
Editing a Logged-In User Role
1. In Xerox® CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
2. Click User Permissions.
3. Under Action, next to User Permission Roles, click Edit.
4. Click the Logged-In Users tab.
5. Next to a role, click Edit User Mappings.
Note: You cannot edit permissions for the System Administrator or Accounting Administrator roles.
Users assigned to the System Administrator role can access all features of the printer. Users
assigned to the Accounting Administrator role can access accounting features only.
6. Assign users to the role, or to configure permissions for the role, click either the Print tab or Services and Tools tab.
7. To save, click Apply.
For details, see Editing Print Permissions for the Non-Logged-In Users Roleon page 86 and Editing
Services and Tools Permissions for the Non-Logged-In Users Roleon page 89.
Note: For each user permission type, you cannot restrict access for logged-in users and allow access
for non-logged-in users. To restrict access for non-logged-in users, next to a permission setting, click
the Auto Correct link.
Specifying Job Override Policies
Use Job Override Policies to specify what happens when a user without appropriate print permissions
sends a color or 1-sided print job to the printer.
®
1. In Xerox
2. Click User Permissions.
3. Under Action, next to Job Override Policies, click Edit.
4. Under Color Printing, select Print Job in Black & White, or Delete Job. If an unauthorized user
sends a color job, the job prints in black and white or is deleted.
5. Under 1-Sided Printing, select Print Job 2-Sided, or Delete Job. If an unauthorized user sends a
1-sided job, the job prints 2-sided or is deleted.
6. Click Save.
Note: Not all options listed are supported on all printers. Some options apply only to a specific
printer model, configuration, operating system, or driver type.
CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer 91
System Administrator Guide
Security
Troubleshooting Conflicting Permissions
1. In Xerox® CentreWare® Internet Services, click Properties > Login/Permissions/Accounting.
2. Click User Permissions.
3. Under Action, next to User Permission Roles, click Edit.
4. Click Troubleshooting.
5. To see a summary of permissions for a user, on the Permission Role Summaries tab, next to a user
name click Permissions Summary.
Temporarily Disabling Print Permissions for all Users
1. On the Troubleshooting page, click the Permission Enablement tab.
2. To disable print restrictions for all users, next to Print, under Actions, select Disable.
3. Click Apply.
92 Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer
System Administrator Guide
Security
Secure HTTP (SSL)
To establish an HTTP Secure (HTTPS) connection to the printer, you can use SSL to encrypt data sent
over HTTP. Features that require HTTPS use SSL automatically. You can also use SSL encryption for
protocols such as LDAP and SMTP.
Notes:
•SSL encryption is protocol-independent. You can turn on SSL for protocols or scan destinations
as needed.
®
•When the printer uses HTTPS, all pages in Xerox
https:// in the URL.
Using SSL for all HTTP Communication
1. In Xerox® CentreWare® Internet Services, click Properties > Connectivity > Setup.
2. For Protocol, next to HTTP, click Edit.
3. Click the HTTP tab.
4. For Force Traffic over SSL, select Yes. Change the default port number as needed.
a. From the Choose Device Certificate menu, select the Device Certificate to use for SSL.
b. To view the selected certificate details, or to save the certificate to your computer, click
View/Save.
®
c. If you are using the Xerox
Trusted CA Certificate in your Web browser. Installing the Generic Xerox
Certificate ensures that your browser trusts the printer. To download the certificate, click
Download the Generic Xerox
5. Click Save.
Default Device Certificate, you can install the Generic Xerox®
®
Trusted CA Certificate.
CentreWare® Internet Services contain
®
Trusted CA
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 93
Security
FIPS 140-2
If FIPS 140-2 encryption is required, all computers, servers, browser software, security certificates, and
applications must comply with the standard or operate in FIPS-compliant mode. Transmitted and stored
data must be encrypted as specified in United States Federal Information Processing Standard (FIPS)
140-2 (Level 1). You can enable the printer to check that the current configuration ensures the specified
encryption.
Enabling FIPS 140 Mode can prevent the printer from communicating with network devices that
communicate using protocols that do not use FIPS-compliant encryption algorithms. To allow non-FIPS
compliant protocols or features when FIPS 140 mode is enabled, acknowledge the notification of
non-compliance during the validation process.
When non-FIPS compliant protocols are enabled after FIPS mode is enabled, a message appears
indicating the protocols use non-FIPS compliant encryption algorithms. Examples of non-FIPS compliant
protocols include SNMPv3 or NetWare.
When you enable FIPS-140 mode, the printer validates the current configuration by performing the
following checks:
•Validates certificates for features where the printer is the server in the client-server relationship. An
SSL certificate for HTTPS is an example.
•Validates certificates for features where the printer is the client in the client-server relationship. CA
certificates for LDAP, Xerox Extensible Interface Platform, and Smart eSolutions are examples.
•Validates certificates that are installed on the printer, but not used. Certificates for HTTPS, LDAP, or
SNMPv3 are examples.
•Checks features and protocols for non-compliant encryption algorithms. For example, NetWare and
SNMPv3 use encryption algorithms that are not FIPS-compliant.
When validation is complete, information and links appear in a table at the bottom of the page.
• Click the appropriate link to disable a non-compliant feature, or protocol.
• Click the appropriate link to replace any non-compliant certificates.
• Click the appropriate link to acknowledge that you allow the printer to use non-compliant features
and protocols.
94 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Enabling FIPS 140 Mode and Checking for Compliance
1. In Xerox® CentreWare® Internet Services, click Properties > Security > Encryption.
2. Click FIPS 140-2.
3. Click Enable.
4. Click Run Configuration Check and Apply.
A pass or fail message appears:
− If the configuration check passes, click Reboot Machine to save and restart the printer.
− If the configuration check fails, the reasons for the failed test list in a table at the bottom of
the page. For each reason, a link is provided. Click the appropriate link to disable the protocol,
replace the certificate, or allow the printer to use the non-compliant protocol.
Note: When FIPS 140 Mode is enabled, only FIPS-compliant certificates can be installed on the
printer.
Security
Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer 95
System Administrator Guide
Security
Stored Data Encryption
You can encrypt user data on the printer hard drive to prevent unauthorized access to data stored on the
drive.
Enabling Encryption of Stored Data
1. In Xerox® CentreWare® Internet Services, click Properties > Security > Encryption.
2. Click User Data Encryption.
3. Under User Data Encryption Enablement select Enabled.
4. Click Apply to save the new settings or Undo to retain the previous settings.
CAUTION: The printer restarts. This interrupts or deletes current jobs. Xerox
back up jobs and folders before enabling User Data Encryption.
®
recommends that you
96 Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer
System Administrator Guide
Security
IP Filtering
You can prevent unauthorized network access by creating an IP Filter to block or allow data sent from
particular IP addresses.
Creating or Editing an IP Filter Rule
1. In Xerox® CentreWare® Internet Services, click Properties > Security.
2. Click IP Filtering.
3. Click Add IP Filter.
4. Under Define Protocol, select the protocol.
5. Under Action, select how you want the filter to manage the incoming packet:
− If you want the printer to allow the packet access, select Accept.
− If you want the printer to reject the packet and send an ICMP message back to the source host,
select Reject.
− If you want the printer to ignore the packet, select Drop.
6. Type the Source IP Address.
7. Type a number from 0 through 32 for the Source IP Mask that uses this rule. The range of 0–32
corresponds to the 32-bit binary number comprising IP addresses. For example:
− The number 8 represents a Class A address with a mask of 255.0.0.0.
− The number 16 represents a Class B address with a mask of 255.255.0.0.
− The number 24 represents a Class C address with a mask of 255.255.255.0.
8. If you selected TCP or UDP, type the Destination Port the rule will manage. If the incoming packet is
not sent to this port, the rule is ignored.
9. If you selected ICMP, type the ICMP Message Type that the rule is going to manage.
10. To specify the order that actions are performed, under Precedence Order, select an option.
Actions are performed in the order defined in the rule list. To arrange rule execution order, go to the
IP Filtering page.
11. Click Save.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 97
Security
Editing an IP Filter Rule
1. In Xerox® CentreWare® Internet Services, click Properties > Security.
2. Click IP Filtering.
3. For to the IP filter rule you want to edit, click Edit.
4. Make the desired changes to the settings.
5. Click Save.
Arranging the Execution Order of IP Filter Rules
1. In Xerox® CentreWare® Internet Services, click Properties > Security.
2. Click IP Filtering.
3. Click an IP filter rule.
4. Next to Move Up/Down, click the appropriate arrow.
98 Xerox
®
WorkCentre® 6655/6655i Color Multifunction Printer
System Administrator Guide
Audit Log
The Audit Log feature records events that occur on the printer. You can then download the log as a
tab-delimited text file to review for potential problems or security issues.
Enabling Audit Log
1. In Xerox® CentreWare® Internet Services, click Properties > Security.
2. Click Audit Log.
3. For Device Audit Log, click Enabled.
4. Click Apply.
Note: When McAfee is enabled, this option is unavailable.
Security
Enabling Automatic Log Transfer
The system administrator can use Secure FTP to send the device audit log file to a server. You can
transfer the audit log on demand or schedule it as a daily service.
Note: Secure FTP applies to IPv4 only.
To enable automatic log transfer:
1. In Xerox
2. Click Audit Log.
3. For Automatic Log Transfer, click Enabled.
4. For Schedule Automatic Log Transfer, click Enabled.
5. To establish an automatic daily log transfer time, enter a time in 24-hour format.
6. For Automatic Log Transfer Server, select an option, then enter the repository server IP address or
name.
7. For Path, enter the complete path name.
8. For Login Name, enter the login credentials.
9. For Password, enter then reenter the password credentials.
10. Click Apply.
®
CentreWare® Internet Services, click Properties > Security.
Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer 99
Security
Enabling Protocol Logs
Protocol logs provide information about connection-specific secure protocols, such as HTTPS, IPsec, SSH,
and TLS. Each enabled protocol generates a unique protocol log that is populated with information. If a
protocol is not enabled, the corresponding protocol log still appears but is not populated with
information. Protocol log functionality complies with Common Criteria requirements.
Note: If you enable or disable the protocol log feature, reboot the device.
To enable protocol logs:
®
1. In Xerox
CentreWare® Internet Services, click Properties > Security.
2. Click Audit Log.
3. For Protocol Log, click Enabled.
Note: The protocol logs download in a .zip file archive that contains either one or five text files. If the
protocol log feature is enabled, the protocol log .zip file archive contains five text files. The .zip file name
format appears as serialnumber_year-month-date-timezone_offset-time_auditfile.zip.
Saving an Audit Log
1. In Xerox® CentreWare® Internet Services, click Properties > Security.
2. Click Audit Log.
3. Click Export Audit Log.
4. Right-click the Download Log link, then save the compressed auditfile.txt.gz file to your computer.
5. Extract the Auditfile.txt file, then open it in a spreadsheet application that can read a tab-delimited
text file.
Saving an Audit Log to a USB Flash Drive
1. At the printer control panel, press the Machine Status button, then touch the Tools tab.
2. Touch Security Settings > Audit Log.
3. Touch Download Log.
4. Insert your USB Flash drive into the front USB port. The log file downloads automatically.
5. When the download completes, click Close.
100 Xerox
System Administrator Guide
®
WorkCentre® 6655/6655i Color Multifunction Printer
Loading...
+ hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.