22. Select "My IP Address" in "Source address", and then click [Next].
23. Select "A specific IP Address" in "Destination address", enter the machine's IP address,
and then click [Next].
24. For the IPsec protocol type, select "Any", and then click [Next].
25. Click [Finish].
26. Click [OK].
27. Select the IP filter that you have just created, and then click [Next].
28. Select the IPsec security filter, and then click [Edit].
29. In the "Security Methods" tab, check "Negotiate security" and then click [Add].
30. Select "Custom" and click [Settings].
31. When [ESP] is selected for the machine in [Security Protocol] under [IPsec Settings], select
[Data integrity and encryption (ESP)], and configure the following settings:
Set the value of [Integrity algorithm] to the same value as the [Authentication Algorithm for ESP]
specified on the machine.
Set the value of [Encryption algorithm] to the same value as the [Encryption Algorithm for ESP]
specified on the machine.
32. When [AH] is selected for the machine in [Security Protocol] under [IPsec Settings], select
[Data and address integrity without encryption (AH)], and configure the following
settings:
Set the value of [Integrity algorithm] to the same value as the [Authentication Algorithm for AH]
specified on the machine.
Clear the [Data integrity and encryption (ESP)] check box.
33. When [ESP&AH] is selected for the machine in [Security Protocol] under [IPsec Settings],
select [Data and address integrity without encryption (AH)], and configure the following
settings:
Set the value of [Integrity algorithm] under [Data and address integrity without encryption (AH)] to
the same value as [Authentication Algorithm for AH] specified on the machine.
Set the value of [Encryption algorithm] under [Data integrity and encryption (ESP)] to the same
value as [Encryption Algorithm for ESP] specified on the machine.
34. In the Session key settings, select "Generate a new key every", and enter the same
validity period (in seconds or Kbytes) as that specified for [Life Time] on the machine.
35. Click [OK] three times.
36. Click [Next].
37. Click [Finish].
If you are using IPv6 under Windows Vista or a newer version of Windows, you must repeat this
procedure from step 13 and specify ICMPv6 as an exception. When you reach step 24, select
Transmission Using IPsec
431
11