Configuring IPSec Settings
1W2U-07C
Internet Protocol Security (IPSec or IPsec) is a protocol suite for encrypting data transported over a network, including
Internet networks. While TLS only encrypts data used on a specific application, such as a Web browser or an e-mail
application, IPSec encrypts either whole IP packets or the payloads of IP packets, offering a more versatile security
system. The IPSec of the machine works in transport mode, in which the payloads of IP packets are encrypted. With
this feature, the machine can connect directly to a computer that is in the same virtual private network (VPN). Check
the system requirements (Management Functions (P. 711)) and set the necessary configuration on the computer
before you configure the machine.
Using IPSec with IP address filter
● IP address filter settings are applied before the IPSec policies. Specifying IP Addresses for Firewall Settings (P. 371)
Configuring IPSec Settings
Before using IPSec for encrypted communication, you need to register security policies (SP). A security policy consists
of the groups of settings described below. After registering policies, specify the order in which they are applied.
Selector
Selector defines the conditions under which IPSec communication is applied to IP packets. Selectable conditions include
the IP addresses and port numbers of the machine and of the devices to communicate with.
IKE
IKE configures IKEv1, which is used as the key exchange protocol. Note that instructions vary depending on the
authentication method selected.
[Pre-Shared Key Method]
This authentication method uses a common key word, called Shared Key, for communication between the
machine and other devices. Enable TLS for the Remote UI before specifying this authentication method
(Configuring the Key and Certificate for TLS (P. 380)).
[Digital Signature Method]
The machine and the other devices authenticate each other by mutually verifying their digital signatures.
Generate or install the key and certificate beforehand (Registering the Key and Certificate for Network
Communication (P. 389)).
AH/ESP
Specify the settings for AH/ESP, which are added to packets during IPSec communication. AH and ESP can be used
at the same time. You can also select whether or not to enable PFS for tighter security.
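
The evaluation order described above (IP address filter first, then the registered policies in their specified order), as an added Python example that is not taken from the manual or from the machine's firmware. It assumes the first policy whose selector matches is the one applied; the addresses, port numbers, policy names and the evaluate function are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Policy:
    """One registered security policy, reduced to its selector (illustrative)."""
    name: str
    local_net: str                     # machine-side address or range
    remote_net: str                    # peer-side address or range
    local_port: Optional[int] = None   # None means any port
    remote_port: Optional[int] = None

    def matches(self, pkt: dict) -> bool:
        return (ipaddress.ip_address(pkt["local_ip"]) in ipaddress.ip_network(self.local_net)
                and ipaddress.ip_address(pkt["remote_ip"]) in ipaddress.ip_network(self.remote_net)
                and self.local_port in (None, pkt["local_port"])
                and self.remote_port in (None, pkt["remote_port"]))

def evaluate(pkt: dict, blocked_nets: list, policies: list) -> str:
    """Return what handles the packet: the IP filter, a policy name, or nothing."""
    remote = ipaddress.ip_address(pkt["remote_ip"])
    # Step 1: the IP address filter runs before any IPSec policy is consulted.
    if any(remote in ipaddress.ip_network(n) for n in blocked_nets):
        return "rejected-by-ip-filter"
    # Step 2: policies are tried in registered order (first match wins: assumption).
    for policy in policies:
        if policy.matches(pkt):
            return policy.name
    return "no-policy"

# Constructed sample data (documentation address ranges, not from the manual).
BLOCKED = ["192.0.2.66/32"]
PRINT_ONLY = Policy("print-port", "192.0.2.10/32", "192.0.2.0/24", local_port=9100)
LAN_ANY = Policy("lan-any", "192.0.2.10/32", "192.0.2.0/24")

def packet(remote_ip: str, local_port: int) -> dict:
    return {"local_ip": "192.0.2.10", "remote_ip": remote_ip,
            "local_port": local_port, "remote_port": 50000}

if __name__ == "__main__":
    print(evaluate(packet("192.0.2.20", 9100), BLOCKED, [PRINT_ONLY, LAN_ANY]))
    print(evaluate(packet("192.0.2.20", 9100), BLOCKED, [LAN_ANY, PRINT_ONLY]))
    print(evaluate(packet("192.0.2.66", 9100), BLOCKED, [PRINT_ONLY, LAN_ANY]))
    print(evaluate(packet("198.51.100.7", 9100), BLOCKED, [PRINT_ONLY, LAN_ANY]))
```

Under the first-match assumption, a broad selector registered ahead of a narrower one shadows it, so the policy order deserves the same review as the policies themselves.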