07-19-2024 11:42 PM
Is it possible to do NAC for HP Color Laser printers. Printers are connected to Cisco switches.
Requirement is only these printers should be permitted to connect to the switch. Any other switch connecting, should not be permitted in the network.
07-20-2024 12:09 AM
@manvik yes you can certainly do NAC on printers, most printers support 802.1X.
You can either configure the printer with a username/password and perform PEAP/MSCHAPv2 authentication or configure a certificate for EAP-TLS authentication.
If you do not wish to use 802.1X you could perform MAB, based on the MAC address of the printer.
07-20-2024 12:14 AM
the HP Color Laser printer do not support 802.1x. If MAB is to be used what should be the switch port configuration.
07-20-2024 12:19 AM
@manvik ok. It's standard switchport configuration, nothing special for printers.
interface range GigabitEthernet w/x/y-z
description ## 802.1x enabled access port ##
switchport access vlan <VLAN ID>
switchport mode access
authentication event fail action next-method
authentication event server dead action authorize vlan <VLAND ID>
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication timer inactivity server dynamic
mab
dot1x pae authenticator
dot1x timeout tx-period 7
dot1x max-reauth-req 3
spanning-tree portfast
spanning-tree bpduguard enable
Refer to the ISE guide for more information https://community.cisco.com/t5/security-knowledge-base/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515
08-26-2024 08:58 AM
Yes, it is possible to implement NAC (Network Access Control) for your HP Color Laser printers connected to Cisco switches. You can achieve this by configuring MAC address-based filtering on your switches, allowing only the printers' MAC addresses to connect. This ensures that any other devices trying to connect will be denied network access. If you're interested in other specialized hardware, like the Prusa MK3S+ 3D printer, it's important to ensure similar security measures to protect your network and devices.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide