Changing Network Settings From the Web Page
- 151 -
Network S
et
tings
8
13
On the [
Key Exchange Security
Methods
] window, click [
Add
].
14
Specify [
Integrity algorithm
],
[
Encryption algorithm
], and [
Diffie-
Hellman group
].
Note
z
Select the same value that was specified in [
IKE
Encryption Algorithm
], [
IKE Hush Algorithm
],
and [
Diffie-Hellman group
] at the time of
configuration for "Phase1 Proposal" in
.
15
Click [
OK
].
16
On the [
Key Exchange Security
Methods
] window, click [
OK
].
17
On the [
Key Exchange Settings
]
window, click [
OK
].
18
On the IP security policy properties
window, select the [
Rules
] tab.
19
Click [
Add
].
20
On the [
Security Rule Wizard
], click
[
Next
].
21
On the [
Tunnel Endpoint
] screen,
select [
This rule does not specify a
tunnel
and then click [
Next
].
22
On the [
Network Type
] screen, select
[
All Network Connections
] and then
click [
Next
].
23
On the [
IP Filter List
] screen, click
[
Add
].
24
On the [
IP Filter List
] window, click
[
Add
].
25
On the [
IP Filter Wizard
], click [
Next
].
26
On the [
IP Filter Description and
Mirrored Property
] screen, click
[
Next
].
27
On the [
IP Traffic Source
] screen, click
[
Next
].
28
On the [
IP Traffic Destination
] screen,
click [
Next
].
29
On the [
IP Protocol Type
] screen, click
[
Next
].
30
Click [
Finish
].
31
On the [
IP Filter List
] window, click
[
OK
].
32
On the [
Security Rule Wizard
], select
the new IP filter from the list and then
click [
Next
].
33
On the [
Filter Action
] screen, click
[
Add
].
34
On the [
Filter Action Wizard
], click
[
Next
].
35
On the [
Filter Action Name
] screen,
enter a [
Name
] and a [
Description
]
and then click [
Next
].
36
On the [
Filter Action General Options
]
screen, select [
Negotiate security
] and
then click [
Next
].
37
On the [
Communicating with
computers that do not support
IPsec
] screen, select [
Do not allow
unsecured communication
] and then
click [
Next
].
38
On the [
IP Traffic Security
] screen,
select[
Custom
] and then click
[
Settings
].
39
On the [
Custom Security Method
Settings
] window, configure the settings
and then click [
OK
].
Note
z
Configure the AH and ESP settings to the same
settings as configured for the "Phase2 Proposal" in
"Configuring Your Machine" P. 150
40
On the [
IP Traffic Security
] screen,
click [
Next
].
41
Select [
Edit Properties
] and then click
[
Finish
].
42
On the filter action properties window,
select [
Use session key perfect
forward secrecy (PFS)
] if you want to
enable Key PFS.
43
Select [
Accept unsecured
communication, but always respond
using IPsec
] if you perform IPSec
communication by the IPv6 global
address.
44
Click [
OK
].
45
Select the new filter action and then click
[
Next
].
46
On the [
Authentication Method
]
screen, select the authentication method
you want and then click [
Next
].