Dascom 7010 PrintServer Manual User Manual

Internet Protocol Security (IPsec)

Print Server User Manual

125

Hash algorithm

Specifies the Hash algorithm to be used during the negotiation.

IKE SA lifetime

Specifies the duration of the IKE connection in seconds. When
the IKE SA lifetime expires, a re-authentication is required.
(optional)
(min. 600 sec / max. 4294967295 sec)

- Phase 2 -

IKE phase 2 negotiates the encryption and integrity parameters used to secure the

data packet to be transferred.

- Phase 2 -
Encapsulation type

Specifies how the IP data packet is handled within the SA. The
IPsec specification differentiates between the ’Transport Mode’
and the ’Tunnel Mode’.
- In the Transport Mode the IP data packet is encrypted.
However, the IP header will be kept.
- In the Tunnel Mode a complete IP data packet will be
encapsulated in another packet and be given a new IP header.

NOTE: The Tunnel Mode cannot be selected via the selection list
on the Printserver Homepage. Use a configuration file
(racoon/setkey) instead.

Diffie-Hellman group

Specifies the Diffie-Hellman group number for the creation of
additional dynamically generated temporary keys. The keys are
used during phase 2. (optional)

Encryption algorithm

Specifies the encryption code for phase 2.

Authentication
algorithm

Specifies the Hash algorithm for phase 2.

With AH protocol

Specifies the use of the ’Authentication Header’ protocol for the
protection of the packet integrity and packet authentication.
AH uses the authentication header to authenticate the packet. In
the IP data packet, the authentication header will be added after
the IP header.

IPsec SA lifetime

Specifies the duration of the IPsec SA connection in seconds. (
When the IPsec SA lifetime expires, you have to renew the IPsec
key.
(min. 600 sec / max. 4294967295 sec)

Parameter

Description