Home » Brother International Manuals » Scanners » Brother International ADS-3000N » Manual Viewer

Brother International ADS-3000N Network Users Guide - Page 82

Internet Key Exchange IKE, Use Prefixed Template

View all Brother International ADS-3000N manuals

Add to My Manuals
Save this manual to your list of manuals

Page 82 highlights

Security Features Internet Key Exchange (IKE) IKE is a communication protocol used to exchange encryption keys to carry out encrypted communication using IPsec. To carry out encrypted communication this time only, the encryption algorithm necessary for IPsec is determined and the encryption keys are shared. For IKE, the encryption keys are exchanged using the Diffie-Hellman key exchange method, and the encrypted communication that is limited to IKE is carried out. If you selected Custom in Use Prefixed Template, select IKEv1, IKEv2, or Manual. If you selected a setting other than Custom, the IKE, authentication type and Encapsulating Security selected in Use Prefixed Template are displayed. Authentication Type Configure the IKE authentication and encryption.  Diffie-Hellman Group This key exchange method allows secret keys to be securely exchanged over an unprotected network. 6 The Diffie-Hellman key exchange method uses a discrete logarithm problem, not the secret key, to send and receive the open information generated using a random number and the secret key. Select Group1, Group2, Group5, or Group14.  Encryption Select DES, 3DES, AES-CBC 128, or AES-CBC 256.  Hash Select MD5, SHA1, SHA256, SHA384 or SHA512.  SA Lifetime Specify the IKE SA lifetime. Type the time (seconds) and number of kilobytes (KByte). Encapsulating Security  Protocol Select ESP. NOTE ESP is a protocol for carrying out encrypted communication using IPsec. ESP encrypts the payload (communicated contents) and adds additional information. The IP packet consists of the header and the encrypted payload, which follows the header. In addition to the encrypted data, the IP packet also includes information regarding the encryption method and encryption key, the authentication data, and so on.  Encryption Select DES, 3DES, AES-CBC 128, or AES-CBC 256.  Hash Select MD5, SHA1, SHA256, SHA384, or SHA512.  SA Lifetime Specify the IPsec SA lifetime. Type the time (seconds) and number of kilobytes (KByte). 78

Section	Page
Network User’s Guide	1
Table of Contents	2
1 Introduction	5
Network Features	5
Other Features	6
LDAP (ADS-2800W / ADS-3600W)	6
Scan to E-mail Server (ADS-2800W / ADS-3600W)	6
Security	6
Wi-Fi Direct® (ADS-2800W / ADS-3600W)	6
2 Changing Your Network Settings	7
Change Your Machine’s Network Settings	7
Using the Machine’s Control Panel (ADS-2800W / ADS-3600W)	7
How to Check the Network Status (ADS-2800W / ADS-3600W)	7
Using BRAdmin Light (Windows®)	7
Installing BRAdmin Light	7
Setting the IP address, Subnet Mask and Gateway Using BRAdmin Light	8
Other Management Utilities	10
Web Based Management	10
BRAdmin Professional 3 (Windows®)	10
3 Configuring Your Machine for a Wireless Network (ADS-2800W / ADS-3600W)	12
Overview	12
Confirm Your Network Environment	13
Connected to a Computer with a WLAN Access Point/Router in the Network (Infrastructure Mode)	13
Configuration Method	13
How to Check the WLAN Status (ADS-2800W / ADS-3600W)	13
Connected to a Wireless Capable Computer without a WLAN Access Point/Router in the Network (Ad-hoc Mode)	14
Configuration	15
When the SSID Is Not Broadcasting	15
Using WPS (Wi-Fi Protected Setup™)	22
Using the PIN Method of Wi-Fi Protected Setup™ (WPS)	23
Configuration in Ad-hoc Mode	26
Using a Configured SSID	26
Configure Your Machine for a Wireless Network Using the Machine’s Control Panel Setup Wizard	33
Use Wi-Fi Direct®	35
Scan from Your Mobile Device Using Wi-Fi Direct®	35
Configure Your Wi-Fi Direct® Network	36
Wi-Fi Direct® Network Configuration Overview	36
Configure Your Wi-Fi Direct® Network Using the One-Push Method	37
Configure Your Wi-Fi Direct® Network Using the One-Push Method of Wi-Fi Protected Setup™ (WPS)	38
Configure Your Wi-Fi Direct® Network Using the PIN Method	38
Configure Your Wi-Fi Direct® Network Using the PIN Method of Wi-Fi Protected Setup™ (WPS)	39
Configure Your Wi-Fi Direct® Network Manually	41
4 Web Based Management	42
Overview	42
Configure Your Machine Settings	43
Set a Login Password	44
Use LDAP Authentication	45
Introduction to LDAP Authentication	45
Configure LDAP Authentication using Web Based Managament	45
Log on to change the Machine Settings using the Machine’s Control Panel	46
Restrict Users	47
Configure Active Directory LDAP Authentication (ADS-2800W / ADS-3600W)	47
Unlock the Machine when Active Directory Authentication is Enabled	48
LDAP Operation (ADS-2800W / ADS-3600W)	48
Changing LDAP Configuration	48
Changing LDAP Configuration Using Your Machine’s Control Panel (ADS-2800W / ADS-3600W)	49
Synchronize with the SNTP Server	51
Change the Scan to FTP Configuration	53
Change the Scan to SFTP Configuration	54
Change the Scan to Network Configuration (Windows®)	56
Change the Scan to SharePoint Configuration (Windows®)	58
Configure TCP/IP Advanced Settings	60
Address Book Import/Export (ADS-2800W / ADS-3600W)	62
Address Book Import	62
Address Book Export	62
5 Scan to E-mail Server (ADS-2800W / ADS-3600W)	63
Overview	63
Size Restrictions When Using Scan to E-mail Server	63
Configure the Scan to E-mail Server Settings	64
Before Scanning to E-mail Server	64
How to Scan to E-mail Server	65
Additional Scan to E-mail Server Features	66
Transmission (TX) Verification Mail	66
Setup Mail TX	66
6 Security Features	67
Overview	67
Send an Email Securely (ADS-2800W / ADS-3600W)	68
Configuration Using Web Based Management	68
Sending an Email with User Authentication	68
Sending an Email Securely Using SSL/TLS	69
SMTP	69
Security Settings for SFTP	70
Create a Client Key Pair	70
Export a Client Key Pair	71
Import a Server Public Key	72
Manage Multiple Certificates	73
Importing a CA Certificate	73
Exporting a CA Certificate	74
Manage Your Network Machine Securely Using IPsec	75
Introduction to IPsec	75
Configure IPsec Using Web Based Management	76
Configure an IPsec Address Template Using Web Based Management	77
Configure an IPsec Template Using Web Based Management	78
IKEv1 Settings for an IPsec Template	79
IKEv2 Settings for an IPsec Template	81
Manual Settings for an IPsec Template	84
Restricting Scan Functions from External Devices	87
Restricting Scan Functions from External Devices Using a Web Browser Settings	87
Secure Function Lock 3.0 (ADS-2800W / ADS-3600W)	88
Before You Begin to Use Secure Function Lock 3.0	88
Turning Secure Function Lock on/off	89
Configure Secure Function Lock 3.0 Using Web Based Management	89
Firmware Update	90
7 Troubleshooting	91
Overview	91
Identifying Your Problem	91
Go to the page for your solution:	91
8 Additional Network Settings (Windows®)	101
Setting Types	101
Install Drivers Used for Scanning via Web Services (Windows Vista®, Windows® 7, Windows® 8, Windows® 8.1, Windows® 10)	101
Network Scanning Installation for Infrastructure Mode When Using Vertical Pairing (Windows® 7, Windows® 8, Windows® 8.1, Windows® 10)	103
A Appendix	104
Supported Protocols and Security Features	104
Web Based Management Function Table	105

Match case Limit results 1 per page

Security Features

Internet Key Exchange (IKE)

IKE is a communication protocol used to exchange encryption keys to carry out encrypted communication

using IPsec. To carry out encrypted communication this time only, the encryption algorithm necessary for

IPsec is determined and the encryption keys are shared. For IKE, the encryption keys are exchanged using

the Diffie-Hellman key exchange method, and the encrypted communication that is limited to IKE is carried

out.

If you selected

Custom

Use Prefixed Template

, select

IKEv1

IKEv2

, or

Manual

If you selected a setting other than

Custom

, the IKE, authentication type and Encapsulating Security selected

Use Prefixed Template

are displayed.

Authentication Type

Configure the IKE authentication and encryption.



Diffie-Hellman Group

This key exchange method allows secret keys to be securely exchanged over an unprotected network.

The Diffie-Hellman key exchange method uses a discrete logarithm problem, not the secret key, to send

and receive the open information generated using a random number and the secret key.

Select

Group1

Group2

Group5

, or

Group14



Encryption

Select

DES

3DES

AES-CBC 128

, or

AES-CBC 256



Hash

Select

MD5

SHA1

SHA256

SHA384

SHA512



SA Lifetime

Specify the IKE SA lifetime.

Type the time (seconds) and number of kilobytes (KByte).

Encapsulating Security



Protocol

Select

ESP

NOTE

ESP is a protocol for carrying out encrypted communication using IPsec. ESP encrypts the payload

(communicated contents) and adds additional information. The IP packet consists of the header and the

encrypted payload, which follows the header. In addition to the encrypted data, the IP packet also includes

information regarding the encryption method and encryption key, the authentication data, and so on.



Encryption

Select

DES

3DES

AES-CBC 128

, or

AES-CBC 256



Hash

Select

MD5

SHA1

SHA256

SHA384

, or

SHA512



SA Lifetime

Specify the IPsec SA lifetime.

Type the time (seconds) and number of kilobytes (KByte).