Advanced > Security > Ipsec > Rule1 (To Rule3) - Kyocera FS-2100DN User Manual
Kyocera command center rx user guide rev-1.60
Hide thumbs
Also See for FS-2100DN:
- Operation manual (316 pages) ,
- Driver manual (96 pages) ,
- User manual (47 pages)
Table of Contents
Advertisement
Advanced > Security > IPSec > Rule1 (to Rule3)
COMMAND CENTER RX
Restriction
Specifies the default policy for non-IPSec packets. Select Allow to allow
communication with all hosts and networks including those not permitted by
the rules described under
on page 6-51. Select Deny to allow communication only with the hosts and
networks permitted by the rules.
Authentication Type
Specifies the authentication type used for IKE phase1. To set a character
string as the shared key and use it for communication, select Pre-shared
and enter the string of the pre-shared key in the text box. To use a CA-
issued device certificate or root certificate, select Certificates. When
Expiration Verification is enabled, the expiration of the server certificate is
verified at communicating. If the server certificate is found expired,
communication will fail. When it is disabled, the expiration will not be verified.
When you select Certificates, the contents of the CA certificate and root 1 to
3 certificates are displayed if they are enabled. When you click the CA or
Root button, you can view, import or delete CA-issued or root certificates.
Rule1 (to Rule3)
Shows whether the set rule is enabled or disabled. To enable or disable the
rule, refer to
Advanced > Security > IPSec > Rule1 (to Rule3)
These pages allow you to select or edit rules to use for IPSec protocol-based
communication.
Rule
Specifies whether or not to enable the selected IPSec policy rule. Select On
to enable the rule. Select Off to disable it.
Key Exchange (IKE phase1)
When using IKE phase1, a secure connection with the other end is
established by generating ISAKMP SAs. Configure the following items so
that they meet the requirement of the other end.
• Mode
Main Mode protects identifications but requires more messages to be
exchanged with the other end. Aggressive Mode requires fewer messages
to be exchanged with the other end than Main Mode but restricts
identification protection and narrows the extent of the parameter negotiations.
When Aggressive Mode is selected and Preshared is selected for
Authentication Type, only host addresses can be specified for IP addresses
of the rule.
• Hash
Selects the hash algorithm.
• Encryption
Selects the encryption algorithm.
• Diffie-Hellman Group
The Diffie-Hellman key-sharing algorithm allows two hosts on an unsecured
network to share a private key securely. Select the Diffie-Hellman group to
use for key sharing.
• Lifetime (Time)
Specifies the lifetime of an ISAKMP SA in seconds.
Advanced > Security > IPSec > Rule1 (to Rule3)
Settings Pages
on page 6-51.
6-51
Hide quick links:
Advertisement
Table of Contents
