Configuring IPSec Settings0YSF-04RInternet Protocol Security (IPSec or IPsec) is a protocol suite for encrypting data transported over a network, includingInternet networks. While TLS only encrypts data used on a specific application, such as a Web browser or an e-mailapplication, IPSec encrypts either whole IP packets or the payloads of IP packets, offering a more versatile securitysystem. The IPSec of the machine works in transport mode, in which the payloads of IP packets are encrypted. Withthis feature, the machine can connect directly to a computer that is in the same virtual private network (VPN). Checkthe system requirements and set the necessary configuration on the computer before you configure the machine.Registering Security Policies(P. 302)Enabling IPSec Communication(P. 309)System RequirementsIPSec that is supported by the machine conforms to RFC4301, RFC4302, RFC4303, and RFC4305.Operating systems supported bycommunication partners Windows Vista/7/8/10/Server 2003/Server 2008/Server 2012Connection mode Transport modeKey exchange protocolIKEv1Print Mode ● Main mode● Aggressive modeAuthentication method ● Pre-shared key● Digital signatureHash algorithm ● HMAC-MD5-96● HMAC-SHA1-96Encryption algorithm(and key length)● 3DES-CBC● AES-CBC (128 bits, 192 bits, or 256 bits)Key exchange algorithm/group(and key length)Diffie-Hellman (DH)● Group 1 (768 bits)● Group 2 (1024 bits)● Group 14 (2048 bits)ESP (Encapsulating SecurityPayload)Hash algorithm ● HMAC-MD5-96● HMAC-SHA1-96Encryption algorithm(and key length)● 3DES-CBC● AES-CBC (128 bits, 192 bits, or 256 bits)AH (Authentication Header) Hash algorithm ● HMAC-MD5-96● HMAC-SHA1-96Security301
