Home ApplicationIPsec Setting

IPsec Setting

IPsec Setting (IKEv1 Setting)

Specifies the IKEv1 setting. For details about the settings, refer to [Network Setting] - [NIC Setting] - [TCP/IP Setting] in Administrator Setting.

  1. Access IPsec Setting to display the IPsec Operation Selection screen.

  2. Select the [IPsec Setting] radio button, and click [OK]. The [IPsec Setting] screen is displayed.

  3. Click [Edit] of [IKEv1].

  4. Set [Encryption Algorithm].

    Select the checkbox of the encryption algorithm to be set. When selecting the [AES-CBC] checkbox, select the key length to be set from the [Key Length] drop-down list.

  5. Set [Authentication Algorithm].

    Select the checkbox of the authentication algorithm to be set. When selecting the [SHA-2] checkbox, select the desired key length from the [Key Length] drop-down list.

  6. Enter a desired period of time into the [Key Validity Period] text box. The available range is 600 to 604800 (seconds).

  7. Select a group from the [Diffie-Hellman Group] drop-down list.

  8. Select either [Main Mode] or [Aggressive Mode] from the [Negotiation Mode] drop-down list.

  9. Click [OK]. Clicking [Cancel] cancels the setting.

  10. Click [OK] on the setting complete screen.

    The screen returns to the [IPsec Setting] screen.

IPsec Setting (IKEv2 Setting)

Set the IKEv2 setting. For details about the settings, refer to [Network Setting] - [NIC Setting] - [TCP/IP Setting] in Administrator Setting.

  1. Display the [IPsec Setting] screen.

    • The procedures are the same as Steps 1 to 2 in "IPsec Setting (IKEv1 Setting)."

  2. Click [Edit] of [IKEv2].

  3. Set [Encryption Algorithm], [Authentication Algorithm], and [Key Validity Period].

    • The procedures are the same as Steps 4 to 6 in "IPsec Setting (IKEv1 Setting)."

  4. Set the priority of [Diffie-Hellman Group].

    Select a group from each drop-down list of [Priority1] to [Priority4].

  5. Click [OK]. Clicking [Cancel] cancels the setting.

  6. Click [OK] on the setting complete screen.

    The screen returns to the [IPsec Setting] screen.

IPsec Setting (SA Setting)

Registers SAs, edits the registered SAs, and deletes the registered SAs. For details about the settings, refer to [Network Setting] - [NIC Setting] - [TCP/IP Setting] in Administrator Setting.

  1. Display the [IPsec Setting] screen.

    • The procedures are the same as Steps 1 to 2 in "IPsec Setting (IKEv1 Setting)."

  2. Click [Create] in [SA].

    • When editing the registered SA, click [Edit].

  3. Specify the SA setting.

    • Enter the name of the SA in the [Name] field. Up to 10 one-byte characters can be used.

    • Select the options from the [Encapsulation Mode], [Security Protocol], and [Key Exchange Method] drop-down lists.

    • Enter a desired period of time into the [Lifetime After Establishing SA] text box. The available range is 600 to 604800 (seconds).

  4. Specify the IKE setting.

    • Select the options from the [Authentication Method], [ESN], and [Replay Detection] drop-down lists.

    • Select the checkboxes of [ESP Encryption Algorithm], [ESP Authentication Algorithm], and [AH Authentication Algorithm] to be set. Depending on the selected items, select the key length to be set from the [Key Length] drop-down list.

    • Select the checkbox when enabling [Perfect Forward Secrecy].

    • Select a group from the [Diffie-Hellman Group(IKEv1)] drop-down list.

    • Set the priority of [Diffie-Hellman Group(IKEv2)]. Select a group from each drop-down list of [Priority1] to [Priority4].

  5. Set the manual key setting.

    • Select an item from a drop-down list for [Encryption Algorithm] or [Authentication Algorithm]. Depending on the selected items, select the key length to be set from the [Key Length] drop-down list.

    • Enter a value ranging from 256 to 4294967295 in each field of [Receive] and [Send] in [SA Index].

    • Enter a key in each field of [Receive] and [Send] in [Common Keys for Enc.]. You can enter up to 64 alphanumeric characters.

    • Enter a key in each field of [Receive] and [Send] in [Common Keys for Auth.]. You can enter up to 64 alphanumeric characters.

  6. Click [OK]. Clicking [Cancel] cancels the setting.

  7. Click [OK] on the setting complete screen.

    The screen returns to the [IPsec Setting] screen.

  8. When deleting the SA, click [Delete].

  9. Click [OK] on the confirmation screen. Click [Cancel] to cancel the deletion.

  10. Click [OK] on the setting complete screen.

    The screen returns to the [IPsec Setting] screen.

IPsec Setting (Peer Registration)

Registers peers, edits the registered peers, and deletes the registered peers. For details about the settings, refer to [Network Setting] - [NIC Setting] - [TCP/IP Setting] in Administrator Setting.

  1. Display the [IPsec Setting] screen.

    • The procedures are the same as Steps 1 to 2 in "IPsec Setting (IKEv1 Setting)."

  2. Click [Create] in [Peer].

    • When editing the registered peer, click [Edit].

  3. Enter the name of the peer in the [Name] field.

    • Up to 10 one-byte characters can be used.

  4. Select a radio button of the [Set IP Address], and enter the IP address and other information.

  5. Enter a string in each field of [Pre-Shared Key Text] and [Key-ID String]. You can enter up to 128 alphanumeric characters and symbols.

  6. Click [OK]. Clicking [Cancel] cancels the setting.

  7. Click [OK] on the setting complete screen.

    The screen returns to the [IPsec Setting] screen.

  8. When deleting the peer, click [Delete].

  9. Click [OK] on the confirmation screen. Click [Cancel] to cancel the deletion.

  10. Click [OK] on the setting complete screen.

    The screen returns to the [IPsec Setting] screen.

IPsec Setting (Protocol Setting)

Registers protocol settings, edits the registered protocol settings, and deletes the registered protocol settings. For details about the settings, refer to [Network Setting] - [NIC Setting] - [TCP/IP Setting] in Administrator Setting.

  1. Display the [IPsec Setting] screen.

    • The procedures are the same as Steps 1 to 2 in "IPsec Setting (IKEv1 Setting)."

  2. Click [Create] in [Protocol Setting].

    • When editing the registered protocol setting, click [Edit].

  3. Enter the name of the protocol setting in the [Name] field.

    • Up to 10 one-byte characters can be used.

  4. Select a protocol identification from the [Protocol Identification Setting] drop-down list.

  5. Select a radio button of the [Port Number] setting, and enter the port number.

  6. Click [OK]. Clicking [Cancel] cancels the setting.

  7. Click [OK] on the setting complete screen.

    The screen returns to the [IPsec Setting] screen.

  8. When deleting the protocol setting, click [Delete].

  9. Click [OK] on the confirmation screen. Click [Cancel] to cancel the deletion.

  10. Click [OK] on the setting complete screen.

    The screen returns to the [IPsec Setting] screen.