beautypg.com

Ikev1 settings for an ipsec template – Brother HLL9410CDN Enterprise Color Laser Printer User Manual

Page 144

background image

Home >

Security

>

Use IPsec

>

Configure an IPsec Template Using Web Based Management

> IKEv1

Settings for an IPsec Template

IKEv1 Settings for an IPsec Template

Option

Description

Template Name

Type a name for the template (up to 16 characters).

Use Prefixed Template

Select

Custom

,

IKEv1 High Security

or

IKEv1 Medium Security

. The

setting items are different depending on the selected template.

Internet Key Exchange (IKE)

IKE is a communication protocol that is used to exchange encryption
keys in order to carry out encrypted communication using IPsec. To
carry out encrypted communication for that time only, the encryption
algorithm that is necessary for IPsec is determined and the encryption
keys are shared. For IKE, the encryption keys are exchanged using the
Diffie-Hellman key exchange method, and encrypted communication
that is limited to IKE is carried out.
If you selected

Custom

in

Use Prefixed Template

, select

IKEv1

.

Authentication Type

Diffie-Hellman Group

This key exchange method allows secret keys to be securely
exchanged over an unprotected network. The Diffie-Hellman key
exchange method uses a discrete logarithm problem, not the
secret key, to send and receive open information that was
generated using a random number and the secret key.
Select

Group1

,

Group2

,

Group5

, or

Group14

.

Encryption

Select

DES

,

3DES

,

AES-CBC 128

, or

AES-CBC 256

.

Hash

Select

MD5

,

SHA1

,

SHA256

,

SHA384

or

SHA512

.

SA Lifetime

Specify the IKE SA lifetime.
Type the time (seconds) and number of kilobytes (KByte).

Encapsulating Security

Protocol

Select

ESP

,

AH

, or

AH+ESP

.

-

ESP is a protocol for carrying out encrypted communication
using IPsec. ESP encrypts the payload (communicated
contents) and adds additional information. The IP packet
comprises the header and the encrypted payload, which
follows the header. In addition to the encrypted data, the IP
packet also includes information regarding the encryption
method and encryption key, the authentication data, and so
on.

-

AH is part of the IPsec protocol that authenticates the
sender and prevents manipulation (ensures the
completeness) of the data. In the IP packet, the data is
inserted immediately after the header. In addition, the
packets include hash values, which are calculated using an
equation from the communicated contents, secret key, and
so on, in order to prevent the falsification of the sender and
manipulation of the data. Unlike ESP, the communicated
contents are not encrypted, and the data is sent and
received as plain text.

Encryption

Select

DES

,

3DES

,

AES-CBC 128

, or

AES-CBC 256

.

Hash

Select

None

,

MD5

,

SHA1

,

SHA256

,

SHA384

or

SHA512

.

139

See also other documents in the category Brother Printers: