Brother International MFC-J6945DW Online Users Guide HTML - Page 462
Manual Settings for an IPsec Template
View all Brother International MFC-J6945DW manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 462 highlights
Home > Security > Manage Your Network Machine Securely Using IPsec > Configure an IPsec Template Using Web Based Management > Manual Settings for an IPsec Template Manual Settings for an IPsec Template Option Template Name Use Prefixed Template Internet Key Exchange (IKE) Authentication Key (ESP, AH) Description Type a name for the template (up to 16 characters). Select Custom. IKE is a communication protocol that is used to exchange encryption keys in order to carry out encrypted communication using IPsec. To carry out encrypted communication for that time only, the encryption algorithm that is necessary for IPsec is determined and the encryption keys are shared. For IKE, the encryption keys are exchanged using the Diffie-Hellman key exchange method, and encrypted communication that is limited to IKE is carried out. Select Manual. Type the In/Out values. These settings are necessary when Custom is selected for Use Prefixed Template, Manual is selected for Internet Key Exchange (IKE), and a setting other than None is selected for Hash for Encapsulating Security section. Code key (ESP) The number of characters you can set differs depending on the setting you chose for Hash in the Encapsulating Security section. If the length of the specified authentication key is different than the selected hash algorithm, an error will occur. • MD5: 128 bits (16 bytes) • SHA1: 160 bits (20 bytes) • SHA256: 256 bits (32 bytes) • SHA384: 384 bits (48 bytes) • SHA512: 512 bits (64 bytes) When you specify the key in ASCII Code, enclose the characters in double quotation marks ("). Type the In/Out values. These settings are necessary when Custom is selected in Use Prefixed Template, Manual is selected in Internet Key Exchange (IKE), and ESP is selected in Protocol in Encapsulating Security. The number of characters you can set differs depending on the setting you chose for Encryption in the Encapsulating Security section. If the length of the specified code key is different than the selected encryption algorithm, an error will occur. • DES: 64 bits (8 bytes) • 3DES: 192 bits (24 bytes) • AES-CBC 128: 128 bits (16 bytes) • AES-CBC 256: 256 bits (32 bytes) When you specify the key in ASCII Code, enclose the characters in double quotation marks ("). SPI These parameters are used to identify security information. Generally, a host has multiple Security Associations (SAs) for several types of IPsec communication. Therefore, it is necessary to identify the applicable SA when an IPsec packet is received. The SPI parameter, which identifies the SA, is included in the Authentication Header (AH) and Encapsulating Security Payload (ESP) header. 454