Kyocera FS-6525MFP Kyocera Command Center RX User Guide Rev-1.60 - Page 76

Lifetime Time/Lifetime Data Size, Data Protection IKE phase2

Get Kyocera FS-6525MFP PDF manuals and user guides View all Kyocera FS-6525MFP manuals
Add to My Manuals
Save this manual to your list of manuals

Page 76 highlights

Settings Pages Data Protection (IKE phase2) In IKE phase2, IPSec SAs such as AH or ESP are established by using SAs established in IKE phase1. Configure the following items so that they meet the requirement of the other end. • Protocol Select ESP or AH for the protocol. ESP protects the privacy and integrity of the packet contents. Select the hash algorithm and encryption algorithm below. AH protects the integrity of the packet contents using encryption checksum. Select the hash algorithm below. • Hash Selects the hash algorithm. • Encryption Selects the encryption algorithm. (When ESP is selected under Protocol.) • PFS When PFS is set to On (enabled), even if a key is decrypted, the decrypted key cannot be used to decrypt the other keys generated after the decryption. This improves the safety, but imposes a heavy burden because of more keygeneration processes. • Diffie-Hellman Group The Diffie-Hellman key-sharing algorithm allows two hosts on an unsecured network to share a private key securely. Select the Diffie-Hellman group to use for key sharing. • Lifetime Measurement Specifies whether the lifetime is measured by time or by time and data size. • Lifetime (Time)/Lifetime (Data Size) Specifies the lifetime of an IPSec SA. Lifetime Measurement allows you to select whether to use time or data size to specify the lifetime. When you select Time & Data Size, an SA is disabled and updated when either the time or data size of the SA exceeds the specified value. • IP Version Specifies the IP version of the other end. Select IPv4 or IPv6. • IP Address (IPv4) Specifies the IPv4 addresses of the hosts or network with which the print system is connecting via IPSec. When you are restricting the scope of IPSec, be sure to specify the IP addresses. If this field is blank, all IPv4 addresses will be allowed to connect the print system. • IP Address (IPv6) Specifies the IPv6 addresses of the hosts or network with which the print system is connecting via IPSec. When you are restricting the scope of IPSec, be sure to specify the IP addresses. If this field is blank, all IPv6 addresses will be allowed to connect the print system. • Subnet Mask When IPv4 is selected for IP Version, this specifies the subnet mask of the hosts or network with which the print system is connecting via IPSec. If this field is blank, the specified addresses are considered to be host addresses. • Prefix Length 6-52 User Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
Settings Pages
Data Protection (IKE phase2)
In IKE phase2, IPSec SAs such as AH or ESP are established by using SAs
established in IKE phase1. Configure the following items so that they meet
the requirement of the other end.
Protocol
Select
ESP
or
AH
for the protocol.
ESP
protects the privacy and integrity of
the packet contents. Select the hash algorithm and encryption algorithm
below.
AH
protects the integrity of the packet contents using encryption
checksum. Select the hash algorithm below.
Hash
Selects the hash algorithm.
Encryption
Selects the encryption algorithm. (When
ESP
is selected under
Protocol
.)
PFS
When
PFS
is set to
On
(enabled), even if a key is decrypted, the decrypted
key cannot be used to decrypt the other keys generated after the decryption.
This improves the safety, but imposes a heavy burden because of more key-
generation processes.
Diffie-Hellman Group
The Diffie-Hellman key-sharing algorithm allows two hosts on an unsecured
network to share a private key securely. Select the Diffie-Hellman group to
use for key sharing.
Lifetime Measurement
Specifies whether the lifetime is measured by time or by time and data size.
Lifetime (Time)/Lifetime (Data Size)
Specifies the lifetime of an IPSec SA.
Lifetime Measurement
allows you to
select whether to use time or data size to specify the lifetime. When you
select
Time & Data Size
, an SA is disabled and updated when either the time
or data size of the SA exceeds the specified value.
IP Version
Specifies the IP version of the other end. Select
IPv4
or
IPv6
.
IP Address (IPv4)
Specifies the IPv4 addresses of the hosts or network with which the print
system is connecting via IPSec. When you are restricting the scope of IPSec,
be sure to specify the IP addresses. If this field is blank, all IPv4 addresses
will be allowed to connect the print system.
IP Address (IPv6)
Specifies the IPv6 addresses of the hosts or network with which the print
system is connecting via IPSec. When you are restricting the scope of IPSec,
be sure to specify the IP addresses. If this field is blank, all IPv6 addresses
will be allowed to connect the print system.
Subnet Mask
When
IPv4
is selected for
IP Version
, this specifies the subnet mask of the
hosts or network with which the print system is connecting via IPSec. If this
field is blank, the specified addresses are considered to be host addresses.
Prefix Length
6-52
User Guide