Setting By The Pc; Overview Of The Security Policy Setting; Ipsec Setting - Canon iR-ADV Security Kit-B1 Service Manual

3
Installation > Checking the Operation After Making the Settings > Overview of the Security Policy Setting

Setting by the PC

Communication condition of the PC:
In this procedure, the PC performs encryption communication with a device connected by
IPSec encryption.
It communicates with a device which has not been encrypted without encryption.
Checking the setting:
Encryption communication is regarded as successful when a ping is sent from the device
as usual and a response is returned after performing the setting accordingto the procedure
3 Installation > Checking the Operation After Making the Settings > Overview of the Security Policy Setting

Overview of the Security Policy Setting

In this procedure, a new policy is created by selecting Control Panel > All Control Panel Items
> Administrative Tools > Windows Firewall with Advanced Security.
Flow of setting procedure:
Setting location
Windows Firewall with Advanced Security on Local Computer
Windows Firewall Properties Control Panel > All Control Panel Items > Administrative Tools >
IPsec Settings
IPsec defaults
Key exchage(Main
Mode)
F-3-9
Data protection (Quick
Mode)
Authentication methodAuthentication method > Advanced > Customize > First
Connection Security Rules
Windows Firewall Properties Control Panel > All Control Panel Items > Administrative Tools >
Connection Security Rules
Rule Type
Endpoints
Requirements
Authentication Method Default
Protocol and Ports
Profile
Name
Connection Security Rules
Enable Rule
Setting item
Windows Firewall with Advanced Security
Windows Firewall with Advanced Security on Local Computer
Customize
Advanced > Customize > Edit Security Method > Add
Integrity algorithm : SHA-1
Encryption algorithm : AES-CBC 128
Key exchange algorithm : Diffie-Hellman Group 2
Do not choose "Use Deffie-Hellman for enhanced security" in Key
exchange options
Select "Require encryption for all connection security rules that
use these settings."
Add Intergrity and Encryption Algorithms,
Protocol : ESP (recommended)
Algorithms : AES-CBC 128
Integrity algorithm : SHA-1
Authentication > Add First Authentication Method >Preshared key
(not recommended) (Ex: canon)
Windows Firewall with Advanced Security
Custom
Any IP address
Require authentication for inbound and outbound connetions
Protocol type : Any
Select : Domain, Private, Public
Any (Ex : test)
Select the created policy and assign it by right-clicking the mouse.
3-7
T-3-1
3-7