Home » Kyocera Manuals » Printers » Kyocera FS-6525MFP » Manual Viewer

Kyocera FS-6525MFP Kyocera Command Center RX User Guide Rev-1.60 - Page 75

Advanced > Security > IPSec > Rule1 (to Rule3), Key Exchange IKE phase1

Get Kyocera FS-6525MFP PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 75 highlights

Settings Pages Restriction Specifies the default policy for non-IPSec packets. Select Allow to allow communication with all hosts and networks including those not permitted by the rules described under Advanced > Security > IPSec > Rule1 (to Rule3) on page 6-51. Select Deny to allow communication only with the hosts and networks permitted by the rules. Authentication Type Specifies the authentication type used for IKE phase1. To set a character string as the shared key and use it for communication, select Pre-shared and enter the string of the pre-shared key in the text box. To use a CAissued device certificate or root certificate, select Certificates. When Expiration Verification is enabled, the expiration of the server certificate is verified at communicating. If the server certificate is found expired, communication will fail. When it is disabled, the expiration will not be verified. When you select Certificates, the contents of the CA certificate and root 1 to 3 certificates are displayed if they are enabled. When you click the CA or Root button, you can view, import or delete CA-issued or root certificates. Rule1 (to Rule3) Shows whether the set rule is enabled or disabled. To enable or disable the rule, refer to Advanced > Security > IPSec > Rule1 (to Rule3) on page 6-51. Advanced > Security > IPSec > Rule1 (to Rule3) These pages allow you to select or edit rules to use for IPSec protocol-based communication. Rule Specifies whether or not to enable the selected IPSec policy rule. Select On to enable the rule. Select Off to disable it. Key Exchange (IKE phase1) When using IKE phase1, a secure connection with the other end is established by generating ISAKMP SAs. Configure the following items so that they meet the requirement of the other end. • Mode Main Mode protects identifications but requires more messages to be exchanged with the other end. Aggressive Mode requires fewer messages to be exchanged with the other end than Main Mode but restricts identification protection and narrows the extent of the parameter negotiations. When Aggressive Mode is selected and Preshared is selected for Authentication Type, only host addresses can be specified for IP addresses of the rule. • Hash Selects the hash algorithm. • Encryption Selects the encryption algorithm. • Diffie-Hellman Group The Diffie-Hellman key-sharing algorithm allows two hosts on an unsecured network to share a private key securely. Select the Diffie-Hellman group to use for key sharing. • Lifetime (Time) Specifies the lifetime of an ISAKMP SA in seconds. COMMAND CENTER RX 6-51

Section	Page
Table of Contents	3
1 Introduction	6
System Requirements	6
Protocols	6
Web Browser	6
Accessing the Embedded Server	6
2 The Embedded Server Home Page	7
Login	7
Top Bar	7
Navigation Menu	8
Status Displays	9
3 About Login	11
Levels of Login	11
4 Document Box	13
Custom Box	13
Adding a New Custom Box	13
Editing a Custom Box	13
Working with a Custom Box	14
Deleting a Custom Box	17
FAX Box	17
Adding a New FAX Box	17
Editing a FAX Box	17
Working with a FAX Box	18
Deleting a FAX Box	18
Sub Address Box	18
Adding a New Sub Address Box	18
Editing a Sub Address Box	19
Working with a Sub Address Box	19
Deleting a Sub Address Box	19
Polling Box	20
Polling Box Property	20
Deleting Documents in Polling Box	20
Printing Documents in Polling Box	20
5 Address Book	22
Contacts	22
Adding a New Contact	22
Editing a Contact	22
Deleting a Contact	23
Groups	23
Adding a New Group	23
Editing a Group	23
Deleting a Group	24
6 Settings Pages	25
Start Page	25
Start > Status (Device/Printer Status Page)	25
Start > Status Pages	26
Start > Information	28
Basic Page	28
Basic > Defaults > Network	28
Basic > Defaults > Time	29
Basic > Defaults > Reset	30
Basic > Defaults > Device Defaults	30
Basic > Security > Device Security > General	33
Basic > Security > Device Security > Interface Block	33
Basic > Security > Device Security > Network Security	34
Basic > Security > User Login	34
Adding a New User Login	34
Editing a User Login	34
Deleting a User Login	34
Basic > Security > Certificates	35
Device Certificate - Self Issued	35
Device Certificate - CA Issued	35
Root Certificate	36
Application Certificate	36
Printer Page	37
Printer > Summary of Network Printer Access Methods	37
Printer > System	37
Printer > System > APL.Filter (Japan only)	38
Printer > System > APL.Filter Parameters (Japan only)	38
Printer > Media Input	39
Printer > Document Output	39
Scanner Page	39
Scanner > Defaults	39
Scanner > FTP	40
Scanner > SMB	40
Scanner > E-mail	41
Scanner > Send and Forward	41
Scanner > i-FAX	43
Scanner > DSM Scan	43
FAX / i-FAX Page	44
FAX / i-FAX > Common > Defaults	44
FAX / i-FAX > Common > Receive	44
FAX / i-FAX > Common RX/Forward Requirements > General	45
Types of RX/Forward Requirements	45
Settings for Forwarding Processes Using a Requirement List	46
Settings for Applying the Same Forwarding Process without Using a Requirement List	49
Setting Destinations	49
Addition	49
Addition from the Address Book	50
Deletion	50
FAX / i-FAX > FAX > Defaults	50
FAX / i-FAX > FAX > Transmit	51
FAX / i-FAX > FAX > Receive	51
FAX / i-FAX > FAX > FAX Restrictions > General	52
FAX / i-FAX > FAX > FAX Restrictions > Permit Number List	53
FAX / i-FAX > FAX > FAX Restrictions > Permit ID List	53
FAX / i-FAX > FAX > FAX Restrictions > Reject Number List	53
FAX / i-FAX > FAX > Encryption Key	53
FAX / i-FAX > i-FAX > Defaults	53
FAX / i-FAX > i-FAX > SMTP	53
FAX / i-FAX > i-FAX > POP3	54
FAX / i-FAX > i-FAX > Domain Restrictions > General	55
FAX / i-FAX > i-FAX > Domain Restrictions > SMTP Restriction List	56
FAX / i-FAX > i-FAX > Domain Restrictions > POP3 Restriction List	56
Advanced Page	56
Advanced > Network Protocol Quick Summary/Secure Protocol Quick Summary	56
Advanced > Protocols > TCP/IP > General	56
Advanced > Protocols > TCP/IP > IP Filters	58
Advanced > Protocols > TCP/IP > Logical Printers	59
Advanced > Protocols > NetWare	60
Advanced > Protocols > IPP	61
Advanced > Protocols > ThinPrint	61
Advanced > Protocols > AppleTalk	62
Advanced > Protocols > NetBEUI	62
Advanced > E-mail > SMTP > General	62
Advanced > E-mail > SMTP > E-mail Recipient #	64
Advanced > E-mail > POP3 > General	65
Advanced > E-mail > POP3 > User #	65
Advanced > Management > SNMP > SNMPv1/v2c	66
Advanced > Management > SNMP > SNMPv3	67
Advanced > Management > LDAP > General	68
Advanced > Management > LDAP > Ext Address Book	69
Advanced > Management > Authentication > General	69
Advanced > Management > Authentication > Network User Property	70
Advanced > Management > Authentication > Group Authorization Set.	71
Adding a New Group	71
Editing a Group	71
Deleting a Group	71
Advanced > Management > IC-Card Settings	71
Advanced > Management > Notification/Maintenance > Maintenance Notification	72
Advanced > Management > Maintenance Notification > Sending Log History	72
Advanced > Security > Secure Protocols	73
Advanced > Security > IEEE802.1x	74
Advanced > Security > IPSec > General	74
Advanced > Security > IPSec > Rule1 (to Rule3)	75
Advanced > Link > HyPAS Device Online	77
7 Troubleshooting	78

Match case Limit results 1 per page

Settings Pages

Restriction

Specifies the default policy for non-IPSec packets. Select

Allow

to allow

communication with all hosts and networks including those not permitted by

the rules described under

Advanced > Security > IPSec > Rule1 (to Rule3)

on page 6-51. Select

Deny

to allow communication only with the hosts and

networks permitted by the rules.

Authentication Type

Specifies the authentication type used for IKE phase1. To set a character

string as the shared key and use it for communication, select

Pre-shared

and enter the string of the pre-shared key in the text box. To use a CA-

issued device certificate or root certificate, select

Certificates

. When

Expiration Verification

is enabled, the expiration of the server certificate is

verified at communicating. If the server certificate is found expired,

communication will fail. When it is disabled, the expiration will not be verified.

When you select

Certificates

, the contents of the CA certificate and root 1 to

3 certificates are displayed if they are enabled. When you click the

Root

button, you can view, import or delete CA-issued or root certificates.

Rule1 (to Rule3)

Shows whether the set rule is enabled or disabled. To enable or disable the

rule, refer to

Advanced > Security > IPSec > Rule1 (to Rule3)

on page 6-51.

Advanced > Security > IPSec > Rule1 (to Rule3)

These pages allow you to select or edit rules to use for IPSec protocol-based

communication.

Rule

Specifies whether or not to enable the selected IPSec policy rule. Select

to enable the rule. Select

Off

to disable it.

Key Exchange (IKE phase1)

When using IKE phase1, a secure connection with the other end is

established by generating ISAKMP SAs. Configure the following items so

that they meet the requirement of the other end.

•

Mode

Main Mode

protects identifications but requires more messages to be

exchanged with the other end.

Aggressive Mode

requires fewer messages

to be exchanged with the other end than

Main Mode

but restricts

identification protection and narrows the extent of the parameter negotiations.

When

Aggressive Mode

is selected and

Preshared

is selected for

Authentication Type

, only host addresses can be specified for IP addresses

of the rule.

•

Hash

Selects the hash algorithm.

•

Encryption

Selects the encryption algorithm.

•

Diffie-Hellman Group

The Diffie-Hellman key-sharing algorithm allows two hosts on an unsecured

network to share a private key securely. Select the Diffie-Hellman group to

use for key sharing.

•

Lifetime (Time)

Specifies the lifetime of an ISAKMP SA in seconds.

COMMAND CENTER RX

6-51