TCP/IP Settings
This screen allows you to configure settings to connect the machine to a TCP/IP environment and use it.
The IP address can be checked and its acquisition method can be set, the DNS server can be set in the current operating environment, and the IPsec setting can be made based on the safety communication technology as follows.
Menu Item/Description | Setting Items/Options (with default bolded) | |||||
---|---|---|---|---|---|---|
TCP/IP Settings | ON, OFF | |||||
IPv4 Settings | ||||||
IP Application Method *1 | Manual Input, Auto Input | |||||
Manual Input | ||||||
IP Address | 0.0.0.0 (0 to 255) | |||||
Subnet Mask | 0.0.0.0 (0 to 255) | |||||
Default Gateway | 0.0.0.0 (0 to 255) | |||||
Auto Input | ||||||
DHCP Setting | ON, OFF | |||||
BOOTP Setting | ON, OFF | |||||
ARP/PING Setting | ON, OFF | |||||
AUTO IP Setting | ON, OFF | |||||
IPv6 Settings | ON, OFF *2 | |||||
Auto IPv6 Settings | ON, OFF *3 | |||||
DHCPv6 Setting | ON, OFF | |||||
Global Address | 0000:0000:0000:0000:0000: 0000:0000:0000 (1 to 39 bytes) *4 | |||||
Prefix Length | 1 to 128 (0) | |||||
Link Local Address | fe80: xxxx (where, "xxxx" is the Mac address) | |||||
Gateway Address | 0000:0000:0000:0000:0000: 0000:0000:0000 (1 to 39 bytes) *7 | |||||
DNS Host | ||||||
DNS Host Name | Up to 63 one-byte characters can be used. | |||||
Dynamic DNS Setting | Enable, Disable | |||||
DNS Domain | ||||||
Domain Name Auto Retrieval | Enable, Disable | |||||
Search Domain Name Auto Retrieval | Enable, Disable | |||||
DNS Default Domain Name | Up to 251 one-byte characters can be used. *9 | |||||
DNS Search Domain Name 1 | Up to 251 one-byte characters can be used. *9 | |||||
DNS Search Domain Name 2 | Up to 251 one-byte characters can be used. *9 | |||||
DNS Search Domain Name 3 | Up to 251 one-byte characters can be used. *9 | |||||
DNS Server Settings (IPv4) | ||||||
DNS Server Auto Obtain | Enable, Disable | |||||
Primary DNS Server | 0.0.0.0 (0 to 255) | |||||
Secondary DNS Server 1 | 0.0.0.0 (0 to 255) | |||||
Secondary DNS Server 2 | 0.0.0.0 (0 to 255) | |||||
DNS Server Settings (IPv6) | ||||||
DNS Server Auto Obtain | Enable, Disable | |||||
Primary DNS Server | 0000:0000:0000:0000:0000: 0000:0000:0000 (1 to 39 bytes) | |||||
Secondary DNS Server 1 | 0000:0000:0000:0000:0000: 0000:0000:0000 (1 to 39 bytes) | |||||
Secondary DNS Server 2 | 0000:0000:0000:0000:0000: 0000:0000:0000 (1 to 39 bytes) | |||||
IPsec Setting/IPsec Settings IPsec is a technique that prevents data falsification or data leakage on an IP packet basis using the encryption technology. | ||||||
IKE Settings Configure settings to create an IPsec common key. | ||||||
IKEv1 Settings | ||||||
Encryption Algorithm | DES-CBC, 3DES-CBC, AES-CBC | |||||
AES Key Length Settings *5 | ON, OFF 128, 192, 256, 128 and 192, 192 and 256, All | |||||
Authentication Algorithm | MD5, SHA-1, SHA-2 | |||||
SHA-2 Key Length Settings *6 | ON, OFF 256, 384, 512, 256 and 384, 384 and 512, All | |||||
Diffie-Hellman Group | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24 | |||||
Key Valid Time | 600 to 604800 (28800) (sec.) | |||||
Negotiation Mode | Main Mode, Aggressive Mode | |||||
IKEv2 Settings | ||||||
Encryption Algorithm | DES-CBC, 3DES-CBC, AES-CBC | |||||
AES Key Length Settings *5 | ON, OFF 128, 192, 256, 128 and 192, 192 and 256, All | |||||
Authentication Algorithm | MD5, SHA-1, SHA-2, AES-XCBC | |||||
SHA-2 Key Length Settings *6 | ON, OFF 256, 384, 512, 256 and 384, 384 and 512, All | |||||
Diffie-Hellman Group | ||||||
Priority 1 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24 | |||||
Priority 2 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Priority 3 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Priority 4 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Key Valid Period | 600 to 604800 (28800) (sec.) | |||||
IPsec SA Settings Set SA (Security Association) used to establish an encryption communication. | ||||||
Group 1 to Group 10 | ON, OFF | |||||
Group Name | Up to 10 one-byte characters can be used. | |||||
Encapsulation Mode | Tunnel Mode, Transport Mode | |||||
Tunnel End Point | IPv4 address or IPv6 address (Max. 39 bytes) | |||||
Security Protocol | AH, ESP | |||||
Key Exchange Method | IKEv1, IKEv2, Manual Key | |||||
Authentication Method | Pre-Shared Key, Digital Signature | |||||
Local Authentication Method | Pre-Shared Key, Digital Signature | |||||
Peer Authentication Method | Pre-Shared Key, Digital Signature, Pre-Shared Key/Digital Signature | |||||
ESN | Enable, Invalid | |||||
Replay Detection | Enable, Invalid | |||||
ESP Encryption Algorithm | AES_CBC, AES_CTR, DES_CBC, AES-GCM-64, 3DES_CBC, AES-GCM, NULL, ENC-NULL-AES-GMAC | |||||
AES-CBC Key Length | 128, 192, 256, 128 and 192, 192 and 256, All | |||||
AES-CTR Key Length | 128, 192, 256, 128 and 192, 192 and 256, All | |||||
AES-GCM Key Length | 128, 192, 256, 128 and 192, 192 and 256, All | |||||
AES-GCM-64 Key Length | 128, 192, 256, 128 and 192, 192 and 256, All | |||||
ENC-NULL-AES-GMAC Key Len | 128, 192, 256, 128 and 192, 192 and 256, All | |||||
ESP Authentication Algorithm | MD5, SHA-1, SHA-2, AES-XCBC | |||||
SHA-2 Key Length | 256, 384, 512, 256 and 384, 384 and 512, All | |||||
AH Auth. Algorithm | MD5, SHA-1, SHA-2, AES-GMAC, AES-XCBC | |||||
SHA-2 Key Length | 256, 384, 512, 256 and 384, 384 and 512, All | |||||
AES-GMAC Key Length | 128, 192, 256, 128 and 192, 192 and 256, All | |||||
Perfect Forward Secrecy | Use, Not Use | |||||
Diffie-Hellman Group (IKEv1) | 1, 2, 5, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, OFF | |||||
Diffie-Hellman Group (IKEv2) | ||||||
Priority 1 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24 | |||||
Priority 2 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Priority 3 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Priority 4 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Encryption Algorithm | DES_CBC, 3DES_CBC, AES_CBC, NULL | |||||
AES Key Length | 128, 192, 256 | |||||
Authentication Algorithm | MD5, SHA1, SHA2, AES-XCBC | |||||
SHA2 Key Length | 256, 384, 512 | |||||
SA Index | ||||||
Receive | 256 to 4294967295 | |||||
Send | 256 to 4294967295 | |||||
Common Keys for Enc. | ||||||
Receive | ||||||
Send | ||||||
Common Keys for Auth. | ||||||
Receive | ||||||
Send | ||||||
Destroy Time after Setup | 600 to 604800 (3600) (sec.) | |||||
Peer | ||||||
Group 1 to Group 10 | ON, OFF | |||||
Group Name | Up to 10 one-byte characters can be used. | |||||
Addressing Mode | Unicast, Subnet Settings, Set Range | |||||
Unicast | IPv4 Address Input, IPv6 Address Input | |||||
Subnet Settings | IP Address: IPv4 Address Input, IPv6 Address Input Subnet Mask: IPv4 Address Input, IPv6 Address Input | |||||
Set Range | From IP Address: IPv4 Address Input, IPv6 Address Input To IP Address: IPv4 Address Input, IPv6 Address Input | |||||
Pre-Shared Key | ||||||
ASCII input | Up to 128 one-byte characters can be used. | |||||
Hexadecimal input | Up to 256 one-byte characters can be used. | |||||
Key-ID Key | Up to 128 one-byte characters can be used. | |||||
Protocol Setting | ||||||
Group 1 to Group 10 | ON, OFF | |||||
Group Name | Up to 10 one-byte characters can be used. | |||||
Protocol Identification Setting | TCP, UDP, ICMP, ICMPv6, Do Not Set | |||||
Port Specification Method | Port Number, Set Range | |||||
Port Number | Source Port Number: 1 to 65535 Destination Port Number: 1 to 65535 | |||||
Set Range | Source Port Number/Start Number: 1 to 65535 Source Port Number/End Number: 1 to 65535 Destination Port Number/Start Number: 1 to 65535 Destination Port Number/End Number: 1 to 65535 | |||||
Message Type (ICMP, ICMPv6) | Echo Request/Reply, Do Not Set | |||||
IPsec Setting/Enable Ipsec | ON, OFF | |||||
IPsec Policy | ||||||
Group 1 to Group 10 | ||||||
Group Name | Up to 10 one-byte characters can be used. | |||||
Peer | 1 to 10 keys | |||||
Protocol | 1 to 10 keys | |||||
IPsec Setting | 1 to 10 keys | |||||
Communication Type | Send and Receive, Send, Receive | |||||
Action | Protected, Allow, Deny, Cancel | |||||
Common Settings | ||||||
Dead Peer Detection | 15, 30, 45, 60, 75, 90, 105, 120 | |||||
Cookies | Enable, Invalid | |||||
ICMP Pass Settings | Enable, Invalid | |||||
ICMPv6 Pass Settings | Enable, Invalid | |||||
Default Action | Allow, Deny | |||||
Certificate Verification Level Settings | ||||||
Expiration Date | Confirm, Do Not Confirm | |||||
Key Usage | Confirm, Do Not Confirm | |||||
Chain |
| |||||
Expiration Date Confirmation | Confirm, Do Not Confirm | |||||
IPsec Setting - Communication Check | ||||||
Check Connection | ||||||
IP Address | IPv4 Address Input 0.0.0.0 (0 to 255) Ipv6 Address Input 0: 0: 0: 0: 0: 0: 0: 0 (1 to 39 bytes) | |||||
Check Connection | ||||||
Communication Error Log | Logs 1 to 20 | |||||
IP Filtering(Permit Access) | Enable, Disable Range 1: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) *11 Range 2: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Range 3: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Range 4: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Range 5: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) | |||||
IP Filtering(Deny Access) | Enable, Disable Range 1: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) *11 Range 2: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Range 3: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Range 4: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Range 5: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) | |||||
RAW Port Number | ||||||
Port 1 | 1 to 65535 (9100), Do Not Use *10 | |||||
Port 2 | 1 to 65535 (9112), Do Not Use | |||||
Port 3 | 1 to 65535 (9113), Do Not Use | |||||
Port 4 | 1 to 65535 (9114), Do Not Use | |||||
Port 5 | 1 to 65535 (9115), Do Not Use | |||||
Port 6 | 1 to 65535 (9116), Do Not Use | |||||
LLMNR Setting | Enable, Disable |
*1: | If Auto Input is selected, the following settings are available. |
*2: | If "IPv6 Settings" is set to OFF, this function is disabled even when "IPv6 Auto Setting" is set to ON. In Web Connection, the drop-down list of ''IPv6 Auto Setting'' is grayed out. |
*3: | Selecting OFF for "IPv6 Auto Setting" enables the setting change of "Global Address," "Prefix Length," and "Gateway Address." |
*4: | If the following address range is specified, it causes an error. |
*5: | This can be set if Encryption Algorithm is set to AES-CBS. |
*6: | This can be set if Encryption Algorithm is set to SHA-2. |
*7: | Available only for the range from fe80: 0: 0: 0: : to fe80: 0: 0: 0: ffff: ffff: ffff: ffff. |
*8: | If you use the Scan to SMB in Mac OS X 10.7 or later, set the SMB Authentication Method to NTLMv1/v2. |
*9: | Up to 253 one-byte characters including periods can be entered for the host name. To enter 64 characters or more, you need to use periods (.) to separate the characters. |
*10: | You can use the advanced settings in the Administrator Mode of Web Connection (for details, refer to [TCP/IP Setting]). |
*11: | Only one IP address, not a range, can be permitted/denied in three ways. For example, to permit/deny 192.168.11.22 only, enter: 192.168.11.22 - 0.0.0.0 0.0.0.0 - 192.168.11.22 192.168.11.22 - 192.168.11.22 |