Connectivity & Network Setup
149
T
ools
5
DH Group
Select [G1] or [G2].
PFS Settings
Select [Disabled] or [Enabled].
Destination IPv4 Address
Enter the destination address or the range of the destination addresses in IPv4 format.
Note
•
When entering an IP address, enter the address in the format "xxx.xxx.xxx.xxx", where "xxx"
is a numeric value in the range of 0 to 255.
Destination IPv6 Address
Specify the destination address or the range of the destination addresses in IPv6 format.
Note
•
When entering an IP address, enter the address in the format
"xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx", where "xxxx" is a hexadecimal value.
Communicate with Non-IPSec Devices
Select [Disabled] or [Enabled].
IEEE 802.1x Settings
Configure the settings of IEEE 802.1x.
IEEE 802.1x
Select [Disabled] or [Enabled].
Authentication Method
Select [EAP-MD5], [EAP-MS-CHAPv2], or [PEAP/MS-CHAPv2].
Login User Name
Enter the login user name. Up to 128 characters are allowed.
Login Password
Enter the login password. Up to 128 characters are allowed.
Server Certificate Verification
Select [Enabled] or [Disabled]. This setting is effective when [PEAP/MS-CHAPv2] is selected
in [Authentication Method].
Certificate Revocation Retrieval Settings
You can configure the settings for certificate revocation retrieval. The following settings are
available.
Level of Certificate Verification
Select a level of certificate verification from [Low], [Medium], and [High].
Selecting [Low] does not verify the validity of certificates.
Selecting [Medium] verifies the validity of certificates, and if a certificate cannot be verified
due to a network error or any other problems, the certificate is determined as a valid one.
Selecting [High] verifies the validity of certificates, and determines only the certificates that
have not been revoked, as valid ones.
Retrieval of Certificate Status
Select the method to verify the validity of certificates, from [By Retrieving CRL] and [By
OCSP].
Auto Retrieval of CRL
Select whether or not to automatically retrieve a Certificate Revocation List (CRL).
CRL Retrieval Time-Out
Specify a time-out value to retrieve a Certificate Revocation List (CRL) in the range of 5 to 60
seconds in 1 second increments.
Send Query to OCSP Responder With
Select how to access an OCSP responder, from [URL as Specified in Certificate] and [URL
as Specified by Administrator].