Enable IPsec
To display: [Utility][Administrator Settings][Network Settings][TCP/IP Settings][IPsec Settings][Enable IPsec]
Configure settings to enable use of IPsec on this machine. Also, specify the policy for IPsec communication.
In [IPsec Settings], register items [IKE Settings], [IPsec SA Settings], [Peer], and [Protocol Setting].
Settings | Description |
---|
[ON]/[OFF] | Select whether to use IPsec. [OFF] is specified by default. |
[IPsec Policy] | Configure the policy to apply for IPsec communication. IP packet conditions can be specified to pass or allow the IP packets that meet each of the conditions. Select a group, then tap [Edit]. |
| [ON]/[OFF] | Select whether to use the IPsec policy. [OFF] is specified by default. |
[Group Name] | Enter a name for the IPsec policy (using up to 10 characters). |
[action] | Select an action to be taken for the IP packets that meet [Peer], [Protocol], and [IPsec Settings]. [Protected]: Protect the IP packets that met the conditions. [Allow]: Do not protect the IP packets that met the conditions. [Deny]: Discard the IP packets that met the conditions. [Cancel]: Refuse the IP packets that met the conditions.
|
[Select Group] | Select [Peer], [Protocol], and [IPsec Setting] from the registered settings. |
[Communication Type] | Select a direction of IPsec communication. |
[Common Settings] | Configure common settings for IPsec policy. [Cookies]: Select whether to enable the defense using Cookies against denial-of-service attacks. [Invalid] is specified by default. [ICMP Pass Settings]: Select whether to apply IPsec to the Internet Control Message Protocol (ICMP). Select [Enable] to allow the ICMP packets to pass without applying IPsec to the ICMP. [Invalid] is specified by default. [ICMPv6 Pass Settings]: Select whether to apply IPsec to the Internet Control Message Protocol for IPv6 (ICMPv6). Select [Enable] to allow the ICMPv6 packets to pass without applying IPsec to the ICMPv6. [Invalid] is specified by default. [default action]: Select an action to be taken if no settings meet the [IPsec Policy] while IPsec communication is enabled. Select [Deny] to discard IP packets that do not meet the [IPsec Policy] settings. [Allow] is specified by default. [Certificate Verification Level Settings]: To verify the certificate, select items to be verified. [Expiration Date]: Confirm whether the certificate is within the validity period. [Confirm] is specified by default. [Key Usage]: Confirm whether the certificate is used according to the intended purpose approved by the certificate issuer. [Do Not Confirm] is specified by default. [Chain]: Confirm whether there is a problem in the certificate chain (certificate path). The chain is validated by referencing the external certificates managed on this machine. [Do Not Confirm] is specified by default. [Expiration Date Confirmation]: Confirm whether the certificate has expired. [Do Not Confirm] is specified by default. [Dead Peer Detection]: If no response can be confirmed from the peer within a certain period, the SA with the peer is deleted. Select a time that elapses before sending survival confirmation information to the peer how has not responded. [15] sec is specified by default.
|