beautypg.com

Ikev2 settings for an ipsec template – Brother HLL9410CDN Enterprise Color Laser Printer User Manual

Page 146

background image

Home >

Security

>

Use IPsec

>

Configure an IPsec Template Using Web Based Management

> IKEv2

Settings for an IPsec Template

IKEv2 Settings for an IPsec Template

Option

Description

Template Name

Type a name for the template (up to 16 characters).

Use Prefixed Template

Select

Custom

,

IKEv2 High Security

, or

IKEv2 Medium Security

.

The setting items are different depending on the selected template.

Internet Key Exchange (IKE)

IKE is a communication protocol that is used to exchange encryption
keys in order to carry out encrypted communication using IPsec. To
carry out encrypted communication for that time only, the encryption
algorithm that is necessary for IPsec is determined and the encryption
keys are shared. For IKE, the encryption keys are exchanged using the
Diffie-Hellman key exchange method, and encrypted communication
that is limited to IKE is carried out.
If you selected

Custom

in

Use Prefixed Template

, select

IKEv2

.

Authentication Type

Diffie-Hellman Group

This key exchange method allows secret keys to be securely
exchanged over an unprotected network. The Diffie-Hellman key
exchange method uses a discrete logarithm problem, not the
secret key, to send and receive open information that was
generated using a random number and the secret key.
Select

Group1

,

Group2

,

Group5

, or

Group14

.

Encryption

Select

DES

,

3DES

,

AES-CBC 128

, or

AES-CBC 256

.

Hash

Select

MD5

,

SHA1

,

SHA256

,

SHA384

or

SHA512

.

SA Lifetime

Specify the IKE SA lifetime.
Type the time (seconds) and number of kilobytes (KByte).

Encapsulating Security

Protocol

Select

ESP

.

ESP is a protocol for carrying out encrypted communication
using IPsec. ESP encrypts the payload (communicated
contents) and adds additional information. The IP packet
comprises the header and the encrypted payload, which follows
the header. In addition to the encrypted data, the IP packet also
includes information regarding the encryption method and
encryption key, the authentication data, and so on.

Encryption

Select

DES

,

3DES

,

AES-CBC 128

, or

AES-CBC 256

.

Hash

Select

MD5

,

SHA1

,

SHA256

,

SHA384

, or

SHA512

.

SA Lifetime

Specify the IKE SA lifetime.
Type the time (seconds) and number of kilobytes (KByte).

Encapsulation Mode

Select

Transport

or

Tunnel

.

Remote Router IP-Address

Type the IP address (IPv4 or IPv6) of the remote router. Enter this
information only when the

Tunnel

mode is selected.

141

See also other documents in the category Brother Printers: