Canon I Sensys Mf8230cn User Guide

0ALJ-0A4
Enabling SSL Encrypted Communication for the Remote UI
You  can encrypt  communication between  the  machine and  a Web browser  on  the  computer  by using Secure Sockets Layer  (SSL). SSL  is
a mechanism for  encrypting  data sent or received over the  network. SSL  must be enabled  when the  Remote  UI is  used for  specifying
settings for  IPSec (Pre -Shared  Key Method), IEEE  802.1X authentication (TTLS/PEAP), or SNMPv3.  To use SSL  for  the  Remote  UI, you
need to  set a key  pair  and...

NOTE:
Viewing details of a certificate
You  can check  the  details of the  certificate or verify the  certificate by clicking  the  corresponding text link  under [Key Name], or
the  certificate icon.  
Verifying  Key  Pairs and  Digital Certificates
Enable SSL for the Remote UI.
1Click [Security  Settings]   [Remote  UI Settings].
2Click [Edit...].
3Select the [Use SSL] check box and  click [OK].
Restart the machine.
Turn  OFF  the  machine, wait  for  at least  10 seconds,  and  turn  it back ON....

Starting the Remote UI  with SSL
If  you try to  start the  Remote  UI when SSL  is  enabled,  a security alert may  be displayed regarding the  security certificate.  In this
case, check  that  the  correct URL is  entered  in the  address field,  and  then  proceed to  display the  Remote  UI screen. Starting
Remote  UI
Enabling  SSL for e-mailing  (MF8580Cdw / MF8550Cdn  / MF8540Cdn  only)
If  the  SMTP server  and  the  POP3  server  support SSL, you can enable  SSL  for  communication with these...

0ALJ-0A5
Configuring IPSec Settings
Internet  Protocol Security (IPSec or IPsec) is  a protocol suite for  encrypting  data transported over a network, including Internet  networks.
While SSL  only encrypts data used on  a specific application,  such as a Web browser  or an  e-mail application,  IPSec encrypts either whole
IP  packets  or the  payloads of IP  packets, offering  a more versatile security system. The IPSec of the  machine works in transport  mode,
in which the  payloads of IP  packets  are...

Before using IPSec for  encrypted  communication,  you need to  register  security policies (SP).  A security policy consists of the  groups of
settings described below. Up to  10 policies can be registered. After registering  policies, specify  the  order in which they are  applied.
Selector
Selector  defines conditions  for  IP  packets  to  apply  IPSec communication.  Selectable  conditions  include  IP  addresses and  port
numbers  of the  machine and  the  devices to  communicate with.
IKE
IKE...

Select the [Use IPSec] check  box and  click [OK].
If  you want the  machine to  only receive packets  that  match one of the  security policies that  you define in the  steps below, clear
the  [Receive  Non-Policy  Packets] check  box.
Click [Register New Policy...].
Specify  the Policy Settings.
1In the [Policy Name]  text  box, enter up  to 24 alphanumeric characters  for a name  that is  used for identifying
the policy.
2Select the [Enable  Policy] check box.
Specify  the Selector Settings.
5
6
7
8...

[Local  Address]
Click the  radio button for  the  type of IP  address of the  machine to  apply  the  policy.[All IP
Addresses] Select to  use IPSec for  all IP  packets.
[IPv4  Address] Select to  use IPSec for  all IP  packets  that  are  sent to  or from the  IPv4  address of the  machine.
[IPv6  Address] Select to  use IPSec for  all IP  packets  that  are  sent to  or from an  IPv6  address of the  machine.
[Remote  Address]
Click the  radio button for  the  type of IP  address of the  other...

range of
addresses with
a prefix  (IPv6
only)Enter the  address, followed by a slash  and  a number indicating  the  prefix
length.
fe80::1234/64
[Subnet Settings]
When  manually specifying  IPv4  address, you can express the  range by using the  subnet  mask. Enter the  subnet  mask using
periods to  delimit  numbers  (example:"255.255.255.240").
[Local  Port]/[Remote Port]
If  you want to  create separate policies for  each protocol, such as HTTP or SMTP, enter the  appropriate port number for...

3Specify  the [Valid for] and  [Authentication]/[Encryption]/[DH Group]  settings.
Using  a key pair and  preinstalled CA certificates for authentication
1Click the [Digital Signature Method]  radio button for [Authentication Method]  and  then  click [Key  and
Certificate...].
2Click [Register  Default  Key]  on  the right  of a key pair you want to use.
NOTE:
Viewing details of a key pair or certificate
You  can check  the  details of the  certificate or verify the  certificate by clicking  the...

[Select Algorithm]
Select the  [ESP], [ESP (AES-GCM)], or [AH (SHA1)] check  box(es)  depending on  the  IPSec header  and  the  algorithm used. AES-
GCM  is  an  algorithm for  both  authentication and  encryption. If  [ESP] is  selected,  also  select algorithms  for  authentication and
encryption from the  [ESP Authentication] and  [ESP Encryption]  drop-down lists.[ESP
Authentication] To enable  the  ESP authentication,  select [SHA1] for  the  hash  algorithm.  Select [Do Not Use] if  you want
to...