Manual settings for an ipsec template – Brother HLL9410CDN Enterprise Color Laser Printer User Manual
Page 149
Configure an IPsec Template Using Web Based Management
> Manual
Settings for an IPsec Template
Manual Settings for an IPsec Template
Option
Description
Template Name
Type a name for the template (up to 16 characters).
Use Prefixed Template
Select
Custom
.
Internet Key Exchange (IKE)
IKE is a communication protocol that is used to exchange encryption
keys in order to carry out encrypted communication using IPsec. To
carry out encrypted communication for that time only, the encryption
algorithm that is necessary for IPsec is determined and the encryption
keys are shared. For IKE, the encryption keys are exchanged using the
Diffie-Hellman key exchange method, and encrypted communication
that is limited to IKE is carried out.
Select
Manual
.
Authentication Key (ESP, AH)
Type the
In/Out
values.
These settings are necessary when
Custom
is selected for
Use
Prefixed Template
,
Manual
is selected for
Internet Key Exchange
(IKE)
, and a setting other than
None
is selected for
Hash
for
Encapsulating Security
section.
The number of characters you can set differs depending on the
setting you chose for
Hash
in the
Encapsulating Security
section.
If the length of the specified authentication key is different than
the selected hash algorithm, an error will occur.
•
MD5
: 128 bits (16 bytes)
•
SHA1
: 160 bits (20 bytes)
•
SHA256
: 256 bits (32 bytes)
•
SHA384
: 384 bits (48 bytes)
•
SHA512
: 512 bits (64 bytes)
When you specify the key in ASCII Code, enclose the
characters in double quotation marks (").
Code key (ESP)
Type the
In/Out
values.
These settings are necessary when
Custom
is selected in
Use
Prefixed Template
,
Manual
is selected in
Internet Key Exchange
(IKE)
, and
ESP
is selected in
Protocol
in
Encapsulating Security
.
The number of characters you can set differs depending on the
setting you chose for
Encryption
in the
Encapsulating
Security
section.
If the length of the specified code key is different than the
selected encryption algorithm, an error will occur.
•
DES
: 64 bits (8 bytes)
•
3DES
: 192 bits (24 bytes)
•
AES-CBC 128
: 128 bits (16 bytes)
•
AES-CBC 256
: 256 bits (32 bytes)
When you specify the key in ASCII Code, enclose the
characters in double quotation marks (").
SPI
These parameters are used to identify security information. Generally, a
host has multiple Security Associations (SAs) for several types of IPsec
communication. Therefore, it is necessary to identify the applicable SA
when an IPsec packet is received. The SPI parameter, which identifies
the SA, is included in the Authentication Header (AH) and
Encapsulating Security Payload (ESP) header.
144