Canon VB-S800D User Manual - Page 62
[IPsec] Setting IPsec, IPsec, Auto Key Exchange Settings, IPsec Set Auto Key Exchange
View all Canon VB-S800D manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 62 highlights
[IPsec] Setting IPsec The following can be set here. • IPsec Set the IPsec setting method. • Auto Key Exchange Settings Set auto key exchange. • IPsec Set IP security can be specified through auto key exchange or manual setting with up to five communicating devices. IPsec (6) [DH Group] Select [Group 2] or [Group 2->Group 1] for the key generation information that will be used in the DH algorithm for key exchange via auto key exchange protocol IKE. (7) [ISAKMP SA Validity Period (min)] Set the duration of validity for ISAKMP SA (factory default setting is [480]). IPsec Set (Auto Key Exchange) IPsec Sets 1 to 5 are available, and you can specify IPsec settings for one communication device for each IPsec Set. (1) [IPsec] Key settings for use with IPsec can be selected as [Auto Key Exchange] or [Manual]. Auto Key Exchange Settings (1) [IPsec SA Encryption Algorithm] Set the IPsec SA encryption algorithm to [AES>3DES], [AES->3DES->DES] or [AES->3DES->DES>NULL]. The specified algorithm will be checked for an applicable encryption algorithm starting from the left. (2) [IPsec SA Authentication Algorithm] Set the IPsec SA authentication algorithm to [HMAC_SHA1_96] or [HMAC_SHA1_96-> HMAC_MD5_96]. The specified algorithm will be checked for an applicable authentication algorithm starting from the left. (3) [IPsec SA Validity Period (min)] Set the duration of validity for IPsec SA (factory default setting is [480]). (4) [ISAKMP SA Encryption Algorithm] Set the SA encryption algorithm for use with auto key exchange protocol IKE to [AES->3DES] or [AES-> 3DES->DES]. (5) [ISAKMP SA Authentication Algorithm] Set the SA authentication algorithm for use with auto key exchange protocol IKE to [SHA1] or [SHA1>MD5]. (1) [IPsec Set] Set IPsec Set to [Disable], [Enable in IPv4] or [Enable in IPv6]. (2) [IPsec Mode] Set IPsec mode to [Tunnel Mode] or [Transport Mode]. (3) [Destination IPv4 Address], [Destination IPv6 Address] Enter the IP address of the connection destination. (4) [Source IPv4 Address], [Source IPv6 Address] Enter the IP address of the source. (5) [Security Protocol] Set the IPsec protocol to [ESP], [AH] or [ESP and AH]. If [ESP] is selected, enter only the setting items relating to ESP. If [AH] is selected, enter only the setting items relating to AH. If [ESP and AH] is selected, enter all setting items. (6) [Security Gateway IPv4 Address], [Security Gateway IPv6 Address] If IPsec mode is set to [Tunnel Mode] in (2), set the IP address of the security gateway. (7) [Destination Subnet Mask Length] (IPv4), [Destination Prefix Length] (IPv6) This setting is required only if IPsec mode is set to [Tunnel Mode] in (2). If IPv6 is used, enter a desired prefix length for the connection destination in the range of 16 to 128. If IPv4 is used, enter a desired length in the range of 1 to 32. 62