Using a key pair and preinstalled CA certificates for authentication
Click the [Digital Signature Method] radio button for [Authentication Method] and then click [Key and
Click [Register Default Key] on the right of a key pair you want to use.
Viewing details of a key pair or certificate
You can check the details of the certificate or verify the certificate by clicking the corresponding text
link under [Key Name], or the certificate icon.
Specify the [Valid for] and [Authentication]/[Encryption]/[DH Group] settings.
Specify the IPSec Network Settings.
Select the check box to enable Perfect Forward Secrecy (PFS) for IPSec session keys. Enabling PFS enhances
the security while increasing the load on the communication. Make sure that PFS is also enabled for the other
[Specify by Time]/[Specify by Size]
Set the conditions for terminating a session for IPSec SA. IPSec SA is used as a communication tunnel. Select
either or both of the check boxes as necessary. If both check boxes are selected, the IPSec SA session is
terminated when either of the conditions has been satisfied.
[Specify by Time]
[Specify by Size]
Verifying Key Pairs and Digital Certificates(P. 266)
Enter a time in minutes to specify how long a session lasts.
Enter a size in megabytes to specify how much data can be transported in a session.