TCP/IP Settings

TCP/IP Settings

This screen allows you to configure settings to connect the machine to a TCP/IP environment and use it.

The IP address can be checked and its acquisition method can be set, the DNS server can be set in the current operating environment, and the IPsec setting can be made based on the safety communication technology as follows.

Menu Item/Description

Setting value (: Default)

TCP/IP Settings

ON, OFF

IPv4 Settings

IP Application Method *1

Manual Input, Auto Input

Manual Input

IP Address

(0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0)

Subnet Mask

(0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0)

Default Gateway

(0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0)

Auto Input

DHCP Settings

ON, OFF

BOOTP Settings

ON, OFF

ARP/PING Settings

ON, OFF

AUTO IP Settings

ON, OFF

IPv6 Settings

ON, OFF*2

Auto IPv6 Settings

ON, OFF*3

DHCPv6 Setting

ON, OFF

Global Address

1-39 bytes (Default: 0000:0000:0000:0000:0000:0000:0000:0000)*4

Prefix Length

1 to 128 (Default: 0)

Link-Local Address

fe80: XXXX ("XXXX" is automatically generated based on the Mac address.)

Gateway Address

1-39 bytes (Default: 0000:0000:0000:0000:0000:0000:0000:0000)*7

DNS Host

DNS Host Name

Up to 63 one-byte characters can be entered.

Dynamic DNS Settings

Enable, Disable

DNS Domain

Domain Name Auto Retrieval

Enable, Disable

Search Domain Name Auto Retrieval

Enable, Disable

Default DNS Domain Name

Up to 251 one-byte characters can be entered. * 8

DNS Search Domain Name 1

Up to 251 one-byte characters can be entered. * 8

DNS Search Domain Name 2

Up to 251 one-byte characters can be entered. * 8

DNS Search Domain Name 3

Up to 251 one-byte characters can be entered. * 8

DNS Server Settings (IPv4)

DNS Server Auto Obtain

Enable, Disable

Priority DNS Server

(0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0)

Secondary DNS Server 1

(0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0)

Secondary DNS Server 2

(0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0)

DNS Server Settings (IPv6)

DNS Server Auto Obtain

Enable, Disable

Priority DNS Server

1-39 bytes (Default: 0:0:0:0:0:0:0:0)

Secondary DNS Server 1

1-39 bytes (Default: 0:0:0:0:0:0:0:0)

Secondary DNS Server 2

1-39 bytes (Default: 0:0:0:0:0:0:0:0)

IPsec Settings/IPsec Settings

IPsec is a technique that prevents data falsification or data leakage on an IP packet basis using the encryption technology.

IKE Settings

Configure settings to create an IPsec common key.

IKEv1 Settings

Encryption Algorithm

DES-CBC, 3DES-CBC, AES-CBC

AES Key Length Settings *5

ON, OFF

128, 192, 256, 128 and 192, 192 and 256, Entire Document

Authentication Algorithm

MD5, SHA-1, SHA-2

SHA-2 Key Length Settings *6

ON, OFF

256, 384, 512, 256 and 384, 384 and 512, Entire Document

Diffie-Hellman Group

Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24

Key Validity Period

600 to 604800 (sec.) (Default: 28800)

Negotiation Mode

Main Mode, Aggressive Mode

IKEv2 Settings

Encryption Algorithm

DES-CBC, 3DES-CBC, AES-CBC

AES Key Length Settings *5

ON, OFF

128, 192, 256, 128 and 192, 192 and 256, Entire Document

Authentication Algorithm

MD5, SHA-1, SHA-2, AES-XCBC

SHA-2 Key Length Settings *6

ON, OFF

256, 384, 512, 256 and 384, 384 and 512, Entire Document

Diffie-Hellman Group

Priority 1

Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24

Priority 2

Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF

Priority 3

Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF

Priority 4

Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF

Key Validity Period

600 to 604800 (sec.) (Default: 28800)

IPsec SA Settings

Set SA (Security Association) used to establish an encryption communication.

Group 1 to Group 10

ON, OFF

Group Name

Up to 10 one-byte characters can be entered.

Encapsulation Mode

Transport Mode: Only encrypts data, and sends the encrypted data with an IP header.

Tunnel Mode: Collectively encrypts IP header and data, and sends the encrypted result with a new IP header. For the tunnel end point, enter the IP address of the peer’s IPsec gateway. This enables more secure communications based on the advanced security measures.

Tunnel Mode, Transport Mode

Tunnel End Point

IPv4 address or IPv6 address (Max. 39 bytes) (Default: 0.0.0.0)

Security Protocol

AH, ESP

Key Exchange Method

IKEv1, IKEv2, Manual Key

General Settings

Pre-Shared Key, Digital Signature

Local Authentication Method

Pre-Shared Key, Digital Signature

Peer Authentication Method

Pre-Shared Key, Digital Signature, Pre-Shared Key/Digital Signature

ESN

Enable, Invalid

Replay Detection

Enable, Invalid

ESP Encryption Algorithm

AES_CBC, AES_CTR, DES_CBC, AES-GCM-64, 3DES_CBC, AES-GCM, NULL, ENC-NULL-AES-GMAC

AES-CBC Key Length

128, 192, 256, 128 and 192, 192 and 256, Entire Document

AES-CTR Key Length

128, 192, 256, 128 and 192, 192 and 256, Entire Document

AES-GCM Key Length

128, 192, 256, 128 and 192, 192 and 256, Entire Document

AES-GCM-64 Key Length

128, 192, 256, 128 and 192, 192 and 256, Entire Document

ENC-NULL-AES-GMAC Key Len

128, 192, 256, 128 and 192, 192 and 256, Entire Document

ESP Authentication Algorithm

MD5, SHA-1, SHA-2, AES-XCBC

SHA-2 Key Length

256, 384, 512, 256 and 384, 384 and 512, Entire Document

AH Authentication Algorithm

MD5, SHA-1, SHA-2, AES-GMAC, AES-XCBC

SHA-2 Key Length

256, 384, 512, 256 and 384, 384 and 512, Entire Document

AES-GMAC Key Length

128, 192, 256, 128 and 192, 192 and 256, Entire Document

Perfect Forward Secrecy

ON, OFF

Diffie-Hellman Group (IKEv1)

1, 2, 5, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, OFF

Diffie-Hellman Group (IKEv2)

Priority 1

Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24

Priority 2

Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF

Priority 3

Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF

Priority 4

Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF

Encryption Algorithm

DES_CBC, 3DES_CBC, AES_CBC, NULL

AES Key Length

128, 192, 256

Authentication Algorithm

MD5, SHA-1, SHA-2, AES-XCBC

SHA2 Key Length

256, 384, 512

SA Index

Receiving

256 to 4294967295

Sending

256 to 4294967295

Common Key Encryption

Receiving

Sending

Common Key Authentication

Receiving

Sending

Lifetime After Establishing SA

600 to 604800 (sec.) (Default: 3600)

Peer

Group 1 to Group 10

ON, OFF

Group Name

Up to 10 one-byte characters can be entered.

Addressing Mode

Unicast, Subnet Settings, Set Range

Unicast

IPv4 Address Input, IPv6 Address Input (Default: 0.0.0.0)

Subnet Settings

IP Address: IPv4 Address Input, IPv6 Address Input

Subnet Mask: IPv4 Address Input, IPv6 Address Input (Default :0.0.0.0)

Set Range

From IP Address: IPv4 Address Input, IPv6 Address Input

To IP Address: IPv4 Address Input, IPv6 Address Input (Default: 0.0.0.0)

Pre-Shared Key Text

ASCII Input

Up to 128 one-byte characters can be entered.

HEX Input

Up to 256 one-byte characters can be entered.

Key-ID String

Up to 128 one-byte characters can be entered.

Protocol Setting

Group 1 to Group 10

ON, OFF

Group Name

Up to 10 one-byte characters can be entered.

Protocol Identification Setting

TCP, UDP, ICMP, ICMPv6, Do Not Set

Port Specification Method

Port Number, Set Range

Port Number

Sender Port Number: 1 to 65535

Sender Port Number: 1 to 65535

Set Range

Sender Port Number/Start Number: 1 to 65535

Sender Port Number/End Number: 1 to 65535

Sender Port Number/Start Number: 1 to 65535

Sender Port Number/End Number: 1 to 65535

Message Type (ICMP, ICMPv6)

Echo Request/Reply, Do Not Set

IPsec Setting/Enable Ipsec

ON, OFF

IPsec Policy

Group 1 to Group 10

Group Name

Up to 10 one-byte characters can be entered.

Peer

1, 2, 3, 4, 5, 6, 7, 8, 9, 10 button

Protocol

1, 2, 3, 4, 5, 6, 7, 8, 9, 10 button

IPsec Setting

1, 2, 3, 4, 5, 6, 7, 8, 9, 10 button

Communication Type

Send and Receive, Send, Receive

Action

Protected, Allow, Deny, Cancel

Common Settings

Dead Peer Detection

15, 30, 45, 60, 75, 90, 105, 120

Cookies

Enable, Invalid

ICMP Pass Settings

Enable, Invalid

ICMPv6 Pass Settings

Enable, Invalid

default action

Allow, Deny

Certificate Verification Level Settings

Expiration Date

Confirm, Do Not Confirm

Key Usage

Confirm, Do Not Confirm

Chain

Confirm, Do Not Confirm

Expiration Date Confirmation

Confirm, Do Not Confirm

IPsec Setting - Communication Check 

Check Connection

IP Address

IPv4 Address Input

(0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0)

IPv6 Address Input

1-39 bytes (Default: 0:0:0:0:0:0:0:0)

Check Connection

Communication Error Log

Logs 1 to 20

IP Filtering(Permit Access)

Enable, Disable

Set 1: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) *10

Set 2: Start 0.0.0.0 to End 0.0.0.0 (0 to 255)

Set 3: Start 0.0.0.0 to End 0.0.0.0 (0 to 255)

Set 4: Start 0.0.0.0 to End 0.0.0.0 (0 to 255)

Set 5: Start 0.0.0.0 to End 0.0.0.0 (0 to 255)

IP Filtering(Deny Access)

Enable, Disable

Set 1: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) *10

Set 2: Start 0.0.0.0 to End 0.0.0.0 (0 to 255)

Set 3: Start 0.0.0.0 to End 0.0.0.0 (0 to 255)

Set 4: Start 0.0.0.0 to End 0.0.0.0 (0 to 255)

Set 5: Start 0.0.0.0 to End 0.0.0.0 (0 to 255)

RAW Port Number

Port 1

1 to 65535, OFF (Default: 9100)*9

Port 2

1 to 65535, OFF (Default: 9112)

Port 3

1 to 65535, OFF (Default: 9113)

Port 4

1 to 65535, OFF (Default: 9114)

Port 5

1 to 65535, OFF (Default: 9115)

Port 6

1 to 65535, OFF (Default: 9116)

LLMNR Setting

Enable, Disable

*1:

If Auto Input is selected, the following settings are available.
-DHCP Settings
-BOOTP Settings
-ARP/PING Settings
-AUTO IP Settings
However, changing the selection from Auto Input to Manual Input invalidates the settings made for DHCP Settings and BOOTP Settings. Also, changing from Manual Input to Auto Input validates the following settings.
-DHCP Settings
-BOOTP Settings
-ARP/PING Settings
-AUTO IP Settings

*2:

If IPv6 Settings is set to OFF, this function is disabled even when Auto IPv6 Settings is set to ON. In PageScope Web Connection, the drop-down list of Auto IPv6 Setting is grayed out.

*3:

Selecting OFF for Auto IPv6 Settings enables the setting change of Global Address, Prefix Length and Gateway Address.

*4:

If the following address range is specified, it causes an error.
fe80:: - febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff
ff00:: - ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff

*5:

This can be set if Encryption Algorithm is set to AES-CBS.

*6:

This can be set if Authentication Algorithm is set to SHA-2.

*7:

Available only for the range from fe80: 0: 0: 0: : to fe80: 0: 0: 0: ffff: ffff: ffff: ffff.

*8:

Up to 253 one-byte characters including periods can be entered for the host name.

To enter 64 characters or more, you need to use periods (.) to separate the characters.

*9:

You can use the advanced settings in the Administrator Mode of PageScope Web Connection (for details, refer to TCP/IP Setting).

*10:

Only one IP address, not a range, can be permitted/denied in three ways.

For example, to permit/deny 192.168.11.22 only, enter:

192.168.11.22 - 0.0.0.0

0.0.0.0 - 192.168.11.22

192.168.11.22 - 192.168.11.22