Using IPSec with IP address filter● IP address filter settings are applied before the IPSec policies.Specifying IP Addresses for Firewall Rules(P. 238)Configuring IPSec SettingsBefore using IPSec for encrypted communication, you need to register security policies (SP). A security policy consistsof the groups of settings described below. Up to 10 policies can be registered. After registering policies, specify theorder in which they are applied.SelectorSelector defines conditions for IP packets to apply IPSec communication. Selectable conditions include IPaddresses and port numbers of the machine and the devices to communicate with.IKEIKE configures the IKEv1 that is used for key exchange protocol. Note that instructions vary depending on theauthentication method selected.[Pre-Shared Key Method]A key of up to 24 alphanumeric characters can be shared with the other devices. Enable SSL for the Remote UIbefore specifying this authentication method ( Enabling SSL Encrypted Communication for the RemoteUI(P. 255) ).[Digital Signature Method]The machine and the other devices authenticate each other by mutually verifying their digital signatures.Generate or install the key pair beforehand ( Using CA-issued Key Pairs and Digital Certificates(P. 282) ).AH/ESPSpecify the settings for AH/ESP, which is added to packets during IPSec communication. AH and ESP can be usedat the same time. You can also select whether or not to enable PFS for tighter security.1 Start the Remote UI and log on in System Manager Mode. Starting RemoteUI(P. 290)2 Click [Settings/Registration].3 Click [Security Settings] [IPSec Settings].Security260
