28. In the "Security Methods" tab, check "Negotiate security" and then click [Add].
29. Select "Custom" and click [Settings].
30. In "Integrity algorithm", select the authentication algorithm that was specified on the printer
in Encryption Key Auto Exchange Settings Phase 2.
31. In "Encryption algorithm", select the encryption algorithm that specified on the printer in
Encryption Key Auto Exchange Settings Phase 2.
32. In Session key settings, select "Generate a new key every", and enter the validity period (in
seconds) that was specified on the printer in Encryption Key Auto Exchange Settings Phase
2.
33. Click [OK] three times.
34. Click [Next].
35. Click [Finish].
If you are using IPv6 under Windows Vista or a newer version of Windows, you must repeat this
procedure from step 13 and specify ICMPv6 as an exception. When you reach step 23, select [58]
as the protocol number for the "Other" target protocol type, and then set [Negotiate security] to
[Permit].
36. Click [OK].
37. Click [Close].
38. Select the security policy that you have just created, right click on it, and then click [Assign].
• To disable the computer's IPsec settings, select the security policy, right click, and then click [Un-
assign].
•
If you specify the "Authentication and High Level Encryption" security level in encryption key auto
exchange settings, you must also select the "Master key perfect forward secrecy (PFS)" check box in
the Security Filter Properties screen (which appears in step 27). When using PFS in Windows XP, the
PFS group number used in phase 2 is automatically negotiated in phase 1 from the Diffie-Hellman
group number (set in step 11). Consequently, if you change the security level-specified automatic
settings on the printer and "User Setting" appears, you must then specify the same the group number
for "Phase 1 Diffie-Hellman Group" and "Phase 2 PFS" on the printer to establish IPsec transmission.
Encryption Key Manual Settings Configuration Flow
This can be specified by the network administrator.
Transmission Using IPsec
117
To Next Page
Loading...
Need help?
General