Ipsec Protocols - HP 635n - JetDirect IPv6/IPsec Print Server Administrator's Manual

Jetdirect print servers

Hide thumbs Also See for 635n - JetDirect IPv6/IPsec Print Server:

Administrator's manual (202 pages)

How to use manual (101 pages)

Manuallines (33 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

Table of Contents

Table 5-7

IKE Phase 1 (Authentication) page (continued)

Item

Security Methods

Perfect Forward Secrecy

Replay detection

IKE Retries

IKE Retransmit Interval

IPsec Protocols

After authentication, this page is used to specify IPsec protocols and associated encryption to use for

Security Associations in this rule.

Item

ESP

Encapsulation Type

SA Lifetime

104

Chapter 5

IPsec Configuration

Description

(Required) Select the Encryption methods and strengths and Hash methods to be

used.

Selecting all the methods will result in a single negotiated method.

When secret keys are periodically replaced, Perfect Forward Secrecy (PFS)

indicates that the new keys are independently derived and unrelated to the prior

keys. This helps to ensure that data protected by the new keys is secure. While PFS

provides additional security, it requires additional processing overhead.

If PFS is desired, enable the following:

Identity Perfect Forward Secrecy (Master PFS): Enables PFS for identity protection.

Key Perfect Forward Secrecy (Session PFS): Enables PFS for key protection.

Diffie-Hellman Groups: (For Session PFS only) Select one or more Diffie-Hellman

groups to use during the key exchange.

IPsec protocols support anti-replay services. Enable or disable the IPsec anti-replay

algorithm.

Specify the number of times that IKE protocols are to be retried if a failure occurs.

Enter a value from 0 to 20.

Specify the time (in seconds) between successive IKE protocol retries if a failure

occurs. Enter a value from 0 to 5.

Description

Use IPsec Encapsulating Security Payload (ESP) protocol for IP packets. ESP

headers are inserted in packets to ensure privacy and integrity of packet contents.

Select among the supported encryption methods/strengths and Hash methods to be

used for data protection.

Use IPsec Authentication Header (AH) protocol for IP packets. AH headers are

inserted in packets to protect integrity of packet contents through cryptographic

checksums. Select among the supported Hash methods.

CAUTION

The use of IPsec AH may not function properly in environments

that use Network Address Translation (NAT).

Specify how the IPsec protocols selected (ESP or AH) will be encapsulated:

■

Transport: Only the user data in each IP packet is protected, the IP packet

header is not protected.

■

Tunnel: All packet fields are protected, including the IP packet header.

Specify the Security Association lifetime, either in seconds or in the number of

Kbytes. Within the limits specified, shorter lifetimes will provide improved security

depending on the frequency of SA use.

ENWW

Table of Contents

Troubleshooting

This manual is also suitable for:

635n

Ipsec Protocols - HP 635n - JetDirect IPv6/IPsec Print Server Administrator's Manual

IPsec Protocols

Troubleshooting

Related Manuals for HP 635n - JetDirect IPv6/IPsec Print Server

Related Content for HP 635n - JetDirect IPv6/IPsec Print Server

This manual is also suitable for:

Table of Contents