Administrative support

Supporting IPSec (Internet Protocol Security)

IP Security protocol provides authentication and encryption of communications at the network layer allowing all application and network communications over the IP protocol to be secure. IPSec can be set up between the MFP and up to five hosts, using both IPv4 and IPv6. To configure IPSec through the EWS:

1Open a Web browser. In the address line, enter the IP address of the MFP being configured using the format: http://ip_address/.

2Click Configuration.

3Under Other Settings, click Network/Ports.

4Click IPSec.

Two types of authentication are supported for IPSec:

Shared Key Authentication—Any ASCII phrase shared among all the participating hosts. This is the easiest way to configure when only a few hosts on the network use IPSec.

Certificate Authentication—Allows any hosts or subnet of hosts to authenticate for IPSec. Each host must have a public/private key pair. Validate Peer Certificate is enabled by default, requiring each host to have a signed certificate. The certificate authority certificate must be installed. Each host must have its identifier in the Subject Alternate Name of the signed certificate.

Note: After an MFP is configured for IPSec with a host, IPSec is required for any IP communication to take place.

5Indicate the setting for each sub-item as required for the network environment.

6Click Submit.

Disabling ports and protocols

The TCP and UDP ports can be configured to one of three modes or values:

Disabled—Never allows network connections to this port

Secure and Unsecure—Allows the port to remain open, even in Secure mode

Unsecured Only—Allows the port to only open when the MFP is not in Secure mode

Note: A password must be set to enable Secure mode. Once enabled, only the ports set to Secure and Unsecure will be open.

To configure the mode for TCP and UDP ports from the EWS:

1Open a Web browser. In the address line, enter the IP address of the MFP being configured using the format: http://ip_address/.

2Click Configuration.

3Under Other Settings, click Network/Ports.

4Click TCP/IP Port Access.

5For each port listed, select the appropriate value from the list previously described.

Note: Disabling ports will disable function on the MFP.

6Click Submit.

Configuring the MFP

95

Page 94 Page 96
Page 95
Image 95
Lexmark C77x manual Supporting IPSec Internet Protocol Security, Disabling ports and protocols, Click TCP/IP Port Access
Page 94 Page 96
Top Page Image Contents