Brother HL-S7000DN Settings Manual
Ip security setting guide - english
Hide thumbs
Also See for HL-S7000DN:
- Service manual (460 pages) ,
- User manual (161 pages) ,
- Network user's manual (117 pages)
Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Related Manuals for Brother HL-S7000DN
Summary of Contents for Brother HL-S7000DN
- Page 1 IPsec Setting Guide Version 0...
-
Page 2: Definitions Of Notes
Definitions of notes We use the following icon throughout this user’s guide: Notes tell you how you should respond to a situation that may arise or give Note tips about how the operation works with other features. Trademarks The Brother logo is a registered trademark of Brother Industries, Ltd. Any trade names and product names of companies appearing on Brother products, related documents and any other materials are all trademarks or registered trademarks of those respective companies. -
Page 3: Table Of Contents
Table of Contents Introduction Overview..............................1 Configuration using Web Based Management (web browser) ..............2 IPsec Settings Address Template............................5 Service Template............................7 IPsec Service Template........................7 Setup Service ............................8 IPsec Template............................12 Appendix A Service Templates ...........................20 Type/Code ...............................22... -
Page 4: Introduction
Introduction Overview IPsec (Internet Protocol Security) is a security protocol that uses an optional Internet Protocol function to prevent manipulation and ensure the confidentiality of data transmitted as IP packets. IPsec encrypts data carried over the network, such as print data sent from computers to a printer. Because the data is encrypted at the network layer, applications that use a higher-level protocol use IPsec even if the user is not aware of its use. -
Page 5: Configuration Using Web Based Management (Web Browser)
Introduction Configuration using Web Based Management (web browser) Use the IPsec setting screen for Web Based Management to specify the IPsec connection conditions. The IPsec connection conditions are comprised of three Template types: Address, Service, and IPsec, and a maximum of 10 connection conditions can be configured. Start your web browser. - Page 6 Introduction • Main: The main mode is used. • Aggressive: The aggressive mode is used. Note IKE is a protocol that is used to exchange encryption keys in order to carry out encrypted communication using IPsec. If the Main mode is selected, the processing speed is slow, but the security is high. If the Aggressive mode is selected, the processing speed is faster than when the Main mode is selected, but the security is lower.
- Page 7 Introduction Submit Click this button to register the settings. If the computer must be restarted to change the settings, the restart confirmation screen will be displayed when this button is clicked. Note If you select the Enabled check box and click Submit, an error will occur if there is a blank item for the selected template.
-
Page 8: Ipsec Settings
IPsec Settings Address Template Specify the IP addresses that will be used for the IPsec connection conditions. A maximum of 10 Address Template can be used. Start your web browser. Type “http://machine’s IP address/” into your browser (where “machine’s IP address” is the machine’s IP address). - Page 9 IPsec Settings Template Name Enter a name for the template in this box. (Maximum of 16 characters) Local IP Address Specify the IP address conditions for the sender. • IP Address Specify the IP address. Select ALL IPv4 Address, ALL IPv6 Address, All Link Local IPv6, or Custom.
-
Page 10: Service Template
IPsec Settings Service Template IPsec Service Template Specify the protocol and the port number to use for IPsec connections. A maximum of 10 Service Template can be used. Start your web browser. Type “http://machine’s IP address/” into your browser (where “machine’s IP address” is the machine’s IP address). -
Page 11: Setup Service
IPsec Settings Template Name Enter a name for the template in this box. (Maximum of 16 characters) Service Name The default service names and previously created service names are displayed. Select the services that you want to add to the template. ... - Page 12 IPsec Settings Click the number for the Service Name that you want to create. Select the services that you want to use for IPsec in the screen below. The setting items are different depending on the selected Protocol. (Protocol:ALL) (Protocol:TCP or UDP)
- Page 13 IPsec Settings (Protocol: ICMP) Service Name Enter a name for the service in this box. (Maximum of 16 characters) Direction Specify the communication direction. Select Initiator, Responder, or Both. Protocol Specify the protocol that is enabled. Select ALL, TCP, UDP, or ICMP. The setting items are different depending on the selected Protocol.
- Page 14 IPsec Settings Submit Click this button to register the settings. Note When you change the settings of the currently used template, the IPsec setting screen for Web Based Management will close and open again.
-
Page 15: Ipsec Template
IPsec Settings IPsec Template Configure the IKE/IPsec settings. A maximum of 10 IPsec Template can be used. Start your web browser. Type “http://machine’s IP address/” into your browser (where “machine’s IP address” is the machine’s IP address). For example: http://192.168.1.2/ No password is required by default. - Page 16 IPsec Settings Click the number for the IPsec Template that you want to create. Configure the IPsec settings in the screen below, and create the IPsec Template. The setting items are different depending on the selected Use Prefixed Template and Internet Key Exchange (IKE). (IKE:Preset) (IKE:IKEv1)
- Page 17 IPsec Settings (IKE:IKEv2) Template Name Enter a name for the template in this box. (Maximum of 16 characters) Use Prefixed Template Select Custom, IKEv1 High Security, IKEv1 Medium Security, IKEv2 High Security, or IKEv2 Medium Security. The setting items are different depending on the selected template. Note The default template differs depending on whether you chose Main or Aggressive in Negotiation Mode on the IPsec setting screen.
- Page 18 IPsec Settings • Diffie-Hellman Group This key exchange method allows secret keys to be securely exchanged over an unprotected network. The Diffie-Hellman key exchange method uses a discrete logarithm problem, not the secret key, to send and receive open information that was generated using a random number and the secret key.
- Page 19 IPsec Settings Note • ESP is a protocol for carrying out encrypted communication using IPsec. ESP encrypts the payload (communicated contents) and adds additional information. The IP packet is comprised of the header and the encrypted payload, which follows the header. In addition to the encrypted data, the IP packet also includes information regarding the encryption method and encryption key, the authentication data, and so •...
- Page 20 IPsec Settings communication channel before communication begins. SA may also refer to a virtual encrypted communication channel that has been established. The SA used for IPsec establishes the encryption method, exchanges the keys, and carries out mutual authentication according to the IKE (Internet Key Exchange) standard procedure.
- Page 21 IPsec Settings EAP is an authentication protocol that is an extension of PPP. By using EAP together with IEEE802.1x, a different key is used for user authentication and each session. The following settings are necessary only when EAP - MD5 or EAP - MS-CHAPv2 is selected in Authentication Method.
- Page 22 IPsec Settings Note The number of characters you can set differs depending on the setting you chose in Hash in Encapsulating Security. If the length of the specified authentication key is different from the selected hash algorithm, an error will occur.
-
Page 23: A Appendix A
Appendix A Service Templates You can use the following services by selecting the templates. 1 All Services IPsec is used for all protocols. 2 Print Services Service Name Protocol Local Port Remote Port IPPS FTP (Control) FTP (Data) P9100 9100 Web Services 3 Management Services Service Name... - Page 24 Appendix A Service Name Protocol Local Port Remote Port Kerberos (TCP) Kerberos (UDP) If you want to use Kerberos authentication, you must enable the DNS settings accordingly.
-
Page 25: Type/Code
Appendix A Type/Code The following types and codes are supported when ICMP is selected in Protocol. IPv4 Type Supported Codes Echo Reply Destination Unreachable 0,1,2,3,4,5,6,7,8,9,10,11,12 Source Quench Redirect 0,1,2,3 Echo Request Router Advertisement Router Solicitations IPv4 Code 0,1,2,3,4,5,6,7,8,9,10,11,12 IPv6 Type Supported Codes Destination Unreachable 0,1,2,3,4... - Page 26 Visit us on the World Wide Web http://www.brother.com/ www.brotherearth.com...