Kyocera TASKalfa 500ci Kyocera Command Center Operation Guide Rev 6.3 - Page 59

Advanced > Security > IPSec > General, Match Rule of Common Name

Get Kyocera TASKalfa 500ci PDF manuals and user guides View all Kyocera TASKalfa 500ci manuals
Add to My Manuals
Save this manual to your list of manuals

Page 59 highlights

COMMAND CENTER Pages Authentication Type Selects either EAP-TLS or PEAP (EAP-MS-CHAPv2) for the authentication type. Login User Name Enter the name of the user who accesses the printing system. The IEEE802.1x client certificate of this user must be valid. Login Password You can set a PEAP-based password. (This setting is valid when PEAP [EAP-MS-CHAPv2] authentication type is selected.) Common Name Specifies the common name of the server certificate if the server is required to be authenticated. (This setting is valid when PEAP [EAP-MS-CHAPv2] authentication type is selected.) Match Rule of Common Name When the server certificate is verified, the common name specified under Common Name is compared with the common name on the server certificate. This item allows you to specify whether the common names are considered to be matched if they exactly or partially match. (This setting is valid when PEAP [EAP-MS-CHAPv2] authentication type is selected.) Expiration Verification When this option is enabled, the expiration of the server certificate is verified at communicating. If the server certificate is found expired, communication will fail. When it is disabled, the expiration will not be verified. Certificate Status Displays whether the certificate is active or not. Advanced > Security > IPSec > General This section allows you to set access restrictions for IPSec protocol-based communication. IPSec Specifies whether or not to enable the IPSec protocol. Select On to enable the IPSec protocol. Select Off to disable it. Restriction Specifies the default policy for non-IPSec packets. Select Allow to allow communication with all hosts and networks including those not permitted by the rules described under Advanced > Security > IPSec > Rule1 (to Rule3) on page 3-53. Select Deny to allow communication only with the hosts and networks permitted by the rules. Authentication Type Specifies the authentication type used for IKE phase1. To set a character string as the shared key and use it for communication, select Pre-shared and enter the string of the pre-shared key in the text box. To use a CA-issued device certificate or root certificate, select Certificates. When Expiration Verification is enabled, the expiration of the server certificate is verified at communicating. If the server certificate is found expired, communication will fail. When it is disabled, the expiration will not be verified. When you select Certificates, the contents of the CA certificate and root 1 to 3 certificates are displayed if they are enabled. When you click the CA or Root button, you can view, import or delete CA-issued or root certificates. Rule1 (to Rule3) COMMAND CENTER 3-52

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
COMMAND CENTER Pages
Authentication Type
Selects either EAP-TLS or PEAP (EAP-MS-CHAPv2) for the authentication
type.
Login User Name
Enter the name of the user who accesses the printing system. The
IEEE802.1x client certificate of this user must be valid.
Login Password
You can set a PEAP-based password. (This setting is valid when PEAP
[EAP-MS-CHAPv2] authentication type is selected.)
Common Name
Specifies the common name of the server certificate if the server is required
to be authenticated. (This setting is valid when PEAP [EAP-MS-CHAPv2]
authentication type is selected.)
Match Rule of Common Name
When the server certificate is verified, the common name specified under
Common Name
is compared with the common name on the server
certificate. This item allows you to specify whether the common names are
considered to be matched if they exactly or partially match. (This setting is
valid when PEAP [EAP-MS-CHAPv2] authentication type is selected.)
Expiration Verification
When this option is enabled, the expiration of the server certificate is verified
at communicating. If the server certificate is found expired, communication
will fail. When it is disabled, the expiration will not be verified.
Certificate Status
Displays whether the certificate is active or not.
Advanced > Security > IPSec > General
This section allows you to set access restrictions for IPSec protocol-based
communication.
IPSec
Specifies whether or not to enable the IPSec protocol. Select
On
to enable
the IPSec protocol. Select
Off
to disable it.
Restriction
Specifies the default policy for non-IPSec packets. Select
Allow
to allow
communication with all hosts and networks including those not permitted by
the rules described under
Advanced > Security > IPSec > Rule1 (to Rule3)
on page 3-53. Select
Deny
to allow communication only with the hosts and
networks permitted by the rules.
Authentication Type
Specifies the authentication type used for IKE phase1. To set a character
string as the shared key and use it for communication, select
Pre-shared
and enter the string of the pre-shared key in the text box. To use a
CA-issued device certificate or root certificate, select
Certificates
. When
Expiration Verification
is enabled, the expiration of the server certificate is
verified at communicating. If the server certificate is found expired,
communication will fail. When it is disabled, the expiration will not be verified.
When you select
Certificates
, the contents of the CA certificate and root 1 to
3 certificates are displayed if they are enabled. When you click the
CA
or
Root
button, you can view, import or delete CA-issued or root certificates.
Rule1 (to Rule3)
COMMAND CENTER
3-52