Brother International ADS-3000N Network Users Guide - Page 82
Internet Key Exchange IKE, Use Prefixed Template
View all Brother International ADS-3000N manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 82 highlights
Security Features Internet Key Exchange (IKE) IKE is a communication protocol used to exchange encryption keys to carry out encrypted communication using IPsec. To carry out encrypted communication this time only, the encryption algorithm necessary for IPsec is determined and the encryption keys are shared. For IKE, the encryption keys are exchanged using the Diffie-Hellman key exchange method, and the encrypted communication that is limited to IKE is carried out. If you selected Custom in Use Prefixed Template, select IKEv1, IKEv2, or Manual. If you selected a setting other than Custom, the IKE, authentication type and Encapsulating Security selected in Use Prefixed Template are displayed. Authentication Type Configure the IKE authentication and encryption. Diffie-Hellman Group This key exchange method allows secret keys to be securely exchanged over an unprotected network. 6 The Diffie-Hellman key exchange method uses a discrete logarithm problem, not the secret key, to send and receive the open information generated using a random number and the secret key. Select Group1, Group2, Group5, or Group14. Encryption Select DES, 3DES, AES-CBC 128, or AES-CBC 256. Hash Select MD5, SHA1, SHA256, SHA384 or SHA512. SA Lifetime Specify the IKE SA lifetime. Type the time (seconds) and number of kilobytes (KByte). Encapsulating Security Protocol Select ESP. NOTE ESP is a protocol for carrying out encrypted communication using IPsec. ESP encrypts the payload (communicated contents) and adds additional information. The IP packet consists of the header and the encrypted payload, which follows the header. In addition to the encrypted data, the IP packet also includes information regarding the encryption method and encryption key, the authentication data, and so on. Encryption Select DES, 3DES, AES-CBC 128, or AES-CBC 256. Hash Select MD5, SHA1, SHA256, SHA384, or SHA512. SA Lifetime Specify the IPsec SA lifetime. Type the time (seconds) and number of kilobytes (KByte). 78