Specifies whether to use IPsec.
Access IPsec to display the IPsec Operation Selection screen.
Select the [Enable IPsec] radio button, and click [OK].
The [Enable IPsec] screen is displayed.
To use IPsec, select [ON] from the [IPsec] drop-down list.
If no responce has been returned from the peer, the SA for the peer is deleted. In [Dead Peer Detection], specify a desired period of time that must elapse before your survival confirmation is sent to the peer that has not responded.
To enable the cookie, select [Enable] from the [Cookie] drop-down list.
To allow Internet Control Message Protocol (ICMP) packets to pass without applying IPsec to ICMP, select [Enable] from the [ICMP Pass] drop-down list.
To allow Internet Control Message Protocol for IPv6 (ICMPv6) packets to pass without applying IPsec to ICMPv6, select [Enable] from the [ICMPv6 Pass] drop-down list.
If you want to discard IP packets that do not meet [IPsec Policy] when IPsec communication is enabled, select [Delete] from the [Default action] drop-down list.
To verify the certificate, select items to be verified from each drop-down list of [Cert. Verification Level], then select [Confirm] or [Do Not Confirm].
[Validity Period]: Checks whether the certificate's validity period is still valid.
[Key Usage]: Checks whether the certificate is used according to the intended usage approved by the issuer of the certificate
[Chain]: Checks whether or not the certificate chain (certificate pass) has a problem. The chain is verified by referring to the external certificates managed by the machine.
[Expiration Date Confirmation]: Checks whether or not the certificate has expired.
Configure the IPsec policy settings. You can specify each IP packed condition to allow IP packets that match the condition to pass.
Enter [Name].
Specify the peer of [IPsec Settings] from the registered [Peer].
Specify the protocol of [IPsec Settings] from the registered [Protocol Setting].
Specify the SA of [IPsec Setting] from the registered [IPsec Setting].
Specify the action for IP packets that match [Peer], [Protocol Setting], and [Communication Type] from [action].
[Protected]: Protects IP packets that match the condition.
[Pass]: Does not protect IP packets that match the condition.
[Delete]: Discards IP packets that match the condition.
[Deny Access]: Rejects IP packets that match the condition.
Click [OK]. If you click [Cancel], the changes to the IPsec policy are not set.
Click [OK] on the setting complete screen.
The screen returns to the [Enable IPsec] screen.
When deleting the IPsec policy, click [Delete].
Click [OK] on the confirmation screen. Click [Cancel] to cancel the deletion.
Click [OK] on the setting complete screen.
The screen returns to the [Enable IPsec] screen.
When you have completed all the settings, click [OK] in the [Enable IPsec] screen. Clicking [Cancel] cancels the setting.
Click [OK] on the setting complete screen.