Canon I Sensys Mf8540cdn User Guide
Here you can view all the pages of manual Canon I Sensys Mf8540cdn User Guide. The Canon manuals for Printer are available online for free. You can easily download all the documents as PDF.
Page 431
0ALJ-0A4 Enabling SSL Encrypted Communication for the Remote UI You can encrypt communication between the machine and a Web browser on the computer by using Secure Sockets Layer (SSL). SSL is a mechanism for encrypting data sent or received over the network. SSL must be enabled when the Remote UI is used for specifying settings for IPSec (Pre -Shared Key Method), IEEE 802.1X authentication (TTLS/PEAP), or SNMPv3. To use SSL for the Remote UI, you need to set a key pair and...
Page 432
NOTE: Viewing details of a certificate You can check the details of the certificate or verify the certificate by clicking the corresponding text link under [Key Name], or the certificate icon. Verifying Key Pairs and Digital Certificates Enable SSL for the Remote UI. 1Click [Security Settings] [Remote UI Settings]. 2Click [Edit...]. 3Select the [Use SSL] check box and click [OK]. Restart the machine. Turn OFF the machine, wait for at least 10 seconds, and turn it back ON....
Page 433
Starting the Remote UI with SSL If you try to start the Remote UI when SSL is enabled, a security alert may be displayed regarding the security certificate. In this case, check that the correct URL is entered in the address field, and then proceed to display the Remote UI screen. Starting Remote UI Enabling SSL for e-mailing (MF8580Cdw / MF8550Cdn / MF8540Cdn only) If the SMTP server and the POP3 server support SSL, you can enable SSL for communication with these...
Page 434
0ALJ-0A5 Configuring IPSec Settings Internet Protocol Security (IPSec or IPsec) is a protocol suite for encrypting data transported over a network, including Internet networks. While SSL only encrypts data used on a specific application, such as a Web browser or an e-mail application, IPSec encrypts either whole IP packets or the payloads of IP packets, offering a more versatile security system. The IPSec of the machine works in transport mode, in which the payloads of IP packets are...
Page 435
Before using IPSec for encrypted communication, you need to register security policies (SP). A security policy consists of the groups of settings described below. Up to 10 policies can be registered. After registering policies, specify the order in which they are applied. Selector Selector defines conditions for IP packets to apply IPSec communication. Selectable conditions include IP addresses and port numbers of the machine and the devices to communicate with. IKE IKE...
Page 436
Select the [Use IPSec] check box and click [OK]. If you want the machine to only receive packets that match one of the security policies that you define in the steps below, clear the [Receive Non-Policy Packets] check box. Click [Register New Policy...]. Specify the Policy Settings. 1In the [Policy Name] text box, enter up to 24 alphanumeric characters for a name that is used for identifying the policy. 2Select the [Enable Policy] check box. Specify the Selector Settings. 5 6 7 8...
Page 437
[Local Address] Click the radio button for the type of IP address of the machine to apply the policy.[All IP Addresses] Select to use IPSec for all IP packets. [IPv4 Address] Select to use IPSec for all IP packets that are sent to or from the IPv4 address of the machine. [IPv6 Address] Select to use IPSec for all IP packets that are sent to or from an IPv6 address of the machine. [Remote Address] Click the radio button for the type of IP address of the other...
Page 438
range of addresses with a prefix (IPv6 only)Enter the address, followed by a slash and a number indicating the prefix length. fe80::1234/64 [Subnet Settings] When manually specifying IPv4 address, you can express the range by using the subnet mask. Enter the subnet mask using periods to delimit numbers (example:"255.255.255.240"). [Local Port]/[Remote Port] If you want to create separate policies for each protocol, such as HTTP or SMTP, enter the appropriate port number for...
Page 439
3Specify the [Valid for] and [Authentication]/[Encryption]/[DH Group] settings. Using a key pair and preinstalled CA certificates for authentication 1Click the [Digital Signature Method] radio button for [Authentication Method] and then click [Key and Certificate...]. 2Click [Register Default Key] on the right of a key pair you want to use. NOTE: Viewing details of a key pair or certificate You can check the details of the certificate or verify the certificate by clicking the...
Page 440
[Select Algorithm] Select the [ESP], [ESP (AES-GCM)], or [AH (SHA1)] check box(es) depending on the IPSec header and the algorithm used. AES- GCM is an algorithm for both authentication and encryption. If [ESP] is selected, also select algorithms for authentication and encryption from the [ESP Authentication] and [ESP Encryption] drop-down lists.[ESP Authentication] To enable the ESP authentication, select [SHA1] for the hash algorithm. Select [Do Not Use] if you want to...