Kyocera TASKalfa Pro 15000c Pro 15000c Command Center RX User Guide - Page 54

Network Settings Specifies the default policy for non-IPSec packets. Select Allow to allow communication with all hosts and networks including those not permitted by the rules. Select Deny to allow communication only with the hosts and networks permitted by the rules. Allowed means normal traffic (not defined by the IPSec rules) will be allowed to reach the device. Denied means only IPSec traffic (as defined by the IPSec rules) will be allowed to reach the device and all other traffic (not defined by the IPSec rules) will be denied to reach the device. Root Certificate Displays whether the certificate is active. Root Certificate 1 Subject through Root Certificate 5 Subject are displayed. Configure the device certificate on the Certificates page. IPSec Rules Allows to validate the rule used for communication using the IPSec protocol. Rule 1 through Rule 10 are displayed. To activate this item, click Settings button and configure the following on the IPSec Rule Settings page. 1. Policy Rule: Select whether the rules for IPSec communication are used or not. Key Management Type: Select a type of the key used for the rule from IKEv1, IKEv2, and Manual. Encapsulation Mode: Transport encapsulates an encrypted data and transmits along with an IP header. This is the simplest method when both the transmitting host and receiving host have the IPSec protocol supported. Tunnel uses a gateway provided in the network. The gateway receives the IP packets sent by the transmitting host, encrypt the entire IP packet which is then encapsulated by IPSec, then transmits along with a new IP header. Select whether the rules for IPSec communication are used or not. 2. IP address IP Version: Specifies the IP version of the other end. Select IPv4 or IPv6. IP Address (IPv4): Specifies the IPv4 addresses of the hosts or network with which the machine is connecting via IPSec. When you are restricting the scope of IPSec, be sure to specify the IP addresses. If this field is blank, all IPv4 addresses will be allowed to connect the machine. Subnet Mask: When IPv4 is selected for IP Version, this specifies the subnet mask of the hosts or network with which the machine is connecting via IPSec. If this field is blank, the specified addresses are considered to be host addresses. IP Address (IPv6): Specifies the IPv6 addresses of the hosts or network with which the machine is connecting via IPSec. When you are restricting the scope of IPSec, be sure to specify the IP addresses. If this field is blank, all IPv6 addresses will be allowed to connect the machine. Prefix Length: When IPv6 is selected for IP Version, this specifies the prefix length of the hosts or network with which the machine is connecting via IPSec. If this field is blank, the specified addresses are considered to be host addresses. Remote Peer Address: If Tunnel is selected in Encapsulation Mode, assign an IP address that is remotely controlled. 3. Authentication: Configures the local side authentication when IKEv1 is selected as Key Management Type. To set a character string as the shared key and use it for communication, select Pre-shared Key and enter the string of the pre-shared key in the text box. To use the CA-issued Device Certification or Root Certificate, select the Certificates. When Certificates is selected, the availability of the device certificate is shown. To make advanced settings, click Settings button and select a certificate. Configure the device certificate on the Certificates page of Security Settings. Configures the local side and remote side authentication when IKEv2 is selected as Key Management Type. Configure Authentication Type, Local ID Type, 50 Embedded Web Server