TCP/IP Settings
This screen allows you to configure settings to connect the machine to a TCP/IP environment and use it.
The IP address can be checked and its acquisition method can be set, the DNS server can be set in the current operating environment, and the IPsec setting can be made based on the safety communication technology as follows.
Menu Item/Description | Setting value (: Default) | |||||
---|---|---|---|---|---|---|
TCP/IP Settings | ON, OFF | |||||
IPv4 Settings | ||||||
IP Application Method *1 | Manual Input, Auto Input | |||||
Manual Input | ||||||
IP Address | (0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0) | |||||
Subnet Mask | (0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0) | |||||
Default Gateway | (0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0) | |||||
Auto Input | ||||||
DHCP Settings | ON, OFF | |||||
BOOTP Settings | ON, OFF | |||||
ARP/PING Settings | ON, OFF | |||||
AUTO IP Settings | ON, OFF | |||||
IPv6 Settings | ON, OFF*2 | |||||
Auto IPv6 Settings | ON, OFF*3 | |||||
DHCPv6 Setting | ON, OFF | |||||
Global Address | 1-39 bytes (Default: 0000:0000:0000:0000:0000:0000:0000:0000)*4 | |||||
Prefix Length | 1 to 128 (Default: 0) | |||||
Link-Local Address | fe80: XXXX ("XXXX" is automatically generated based on the Mac address.) | |||||
Gateway Address | 1-39 bytes (Default: 0000:0000:0000:0000:0000:0000:0000:0000)*7 | |||||
DNS Host | ||||||
DNS Host Name | Up to 63 one-byte characters can be used. | |||||
Dynamic DNS Settings | Enable, Disable | |||||
DNS Domain | ||||||
Domain Name Auto Retrieval | Enable, Disable | |||||
Search Domain Name Auto Retrieval | Enable, Disable | |||||
Default DNS Domain Name | Up to 251 one-byte characters can be used. * 8 | |||||
DNS Search Domain Name 1 | Up to 251 one-byte characters can be used. * 8 | |||||
DNS Search Domain Name 2 | Up to 251 one-byte characters can be used. * 8 | |||||
DNS Search Domain Name 3 | Up to 251 one-byte characters can be used. * 8 | |||||
DNS Server Settings (IPv4) | ||||||
DNS Server Auto Obtain | Enable, Disable | |||||
Priority DNS Server | (0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0) | |||||
Secondary DNS Server 1 | (0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0) | |||||
Secondary DNS Server 2 | (0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0) | |||||
DNS Server Settings (IPv6) | ||||||
DNS Server Auto Obtain | Enable, Disable | |||||
Priority DNS Server | 1-39 bytes (Default: 0:0:0:0:0:0:0:0) | |||||
Secondary DNS Server 1 | 1-39 bytes (Default: 0:0:0:0:0:0:0:0) | |||||
Secondary DNS Server 2 | 1-39 bytes (Default: 0:0:0:0:0:0:0:0) | |||||
IPsec Settings/IPsec Settings IPsec is a technique that prevents data falsification or data leakage on an IP packet basis using the encryption technology. | ||||||
IKE Settings Configure settings to create an IPsec common key. | ||||||
IKEv1 Settings | ||||||
Encryption Algorithm | DES-CBC, 3DES-CBC, AES-CBC | |||||
AES Key Length Settings *5 | ON, OFF 128, 192, 256, 128 and 192, 192 and 256, Entire Document | |||||
Authentication Algorithm | MD5, SHA-1, SHA-2 | |||||
SHA-2 Key Length Settings *6 | ON, OFF 256, 384, 512, 256 and 384, 384 and 512, Entire Document | |||||
Diffie-Hellman Group | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24 | |||||
Key Validity Period | 600 to 604800 (sec.) (Default: 28800) | |||||
Negotiation Mode | Main Mode, Aggressive Mode | |||||
IKEv2 Settings | ||||||
Encryption Algorithm | DES-CBC, 3DES-CBC, AES-CBC | |||||
AES Key Length Settings *5 | ON, OFF 128, 192, 256, 128 and 192, 192 and 256, Entire Document | |||||
Authentication Algorithm | MD5, SHA-1, SHA-2, AES-XCBC | |||||
SHA-2 Key Length Settings *6 | ON, OFF 256, 384, 512, 256 and 384, 384 and 512, Entire Document | |||||
Diffie-Hellman Group | ||||||
Priority 1 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24 | |||||
Priority 2 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Priority 3 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Priority 4 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Key Validity Period | 600 to 604800 (sec.) (Default: 28800) | |||||
IPsec SA Settings Set SA (Security Association) used to establish an encryption communication. | ||||||
Group 1 to Group 10 | ON, OFF | |||||
Group Name | Up to 10 one-byte characters can be used. | |||||
Encapsulation Mode Transport Mode: Only encrypts data, and sends the encrypted data with an IP header. Tunnel Mode: Collectively encrypts IP header and data, and sends the encrypted result with a new IP header. For the tunnel end point, enter the IP address of the peer’s IPsec gateway. This enables more secure communications based on the advanced security measures. | Tunnel Mode, Transport Mode | |||||
Tunnel End Point | IPv4 address or IPv6 address (Max. 39 bytes) (Default: 0.0.0.0) | |||||
Security Protocol | AH, ESP | |||||
Key Exchange Method | IKEv1, IKEv2, Manual Key | |||||
General Settings | Pre-Shared Key, Digital Signature | |||||
Local Authentication Method | Pre-Shared Key, Digital Signature | |||||
Peer Authentication Method | Pre-Shared Key, Digital Signature, Pre-Shared Key/Digital Signature | |||||
ESN | Enable, Invalid | |||||
Replay Detection | Enable, Invalid | |||||
ESP Encryption Algorithm | AES-CBC, AES-CTR, DES-CBC, AES-GCM-64, 3DES-CBC, AES-GCM, NULL, ENC-NULL-AES-GMAC | |||||
AES-CBC Key Length | 128, 192, 256, 128 and 192, 192 and 256, Entire Document | |||||
AES-CTR Key Length | 128, 192, 256, 128 and 192, 192 and 256, Entire Document | |||||
AES-GCM Key Length | 128, 192, 256, 128 and 192, 192 and 256, Entire Document | |||||
AES-GCM-64 Key Length | 128, 192, 256, 128 and 192, 192 and 256, Entire Document | |||||
ENC-NULL-AES-GMAC Key Len | 128, 192, 256, 128 and 192, 192 and 256, Entire Document | |||||
ESP Authentication Algorithm | MD5, SHA-1, SHA-2, AES-XCBC | |||||
SHA-2 Key Length | 256, 384, 512, 256 and 384, 384 and 512, Entire Document | |||||
AH Authentication Algorithm | MD5, SHA-1, SHA-2, AES-GMAC, AES-XCBC | |||||
SHA-2 Key Length | 256, 384, 512, 256 and 384, 384 and 512, Entire Document | |||||
AES-GMAC Key Length | 128, 192, 256, 128 and 192, 192 and 256, Entire Document | |||||
Perfect Forward Secrecy | ON, OFF | |||||
Diffie-Hellman Group (IKEv1) | 1, 2, 5, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, OFF | |||||
Diffie-Hellman Group (IKEv2) | ||||||
Priority 1 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24 | |||||
Priority 2 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Priority 3 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Priority 4 | Group 1, Group 2, Group 5, Group 14, Group 15, Group 16, Group 17, Group 18, Group 19, Group 20, Group 21, Group 22, Group 23, Group 24, OFF | |||||
Encryption Algorithm | DES-CBC, 3DES-CBC, AES-CBC, NULL | |||||
AES Key Length | 128, 192, 256 | |||||
Authentication Algorithm | MD5, SHA-1, SHA-2, AES-XCBC | |||||
SHA-2 Key Length | 256, 384, 512 | |||||
SA Index | ||||||
Receiving | 256 to 4294967295 | |||||
Sending | 256 to 4294967295 | |||||
Common Key Encryption | ||||||
Receiving | ||||||
Sending | ||||||
Common Key Authentication | ||||||
Receiving | ||||||
Sending | ||||||
Lifetime After Establishing SA | 600 to 604800 (sec.) (Default: 3600) | |||||
Peer | ||||||
Group 1 to Group 10 | ON, OFF | |||||
Group Name | Up to 10 one-byte characters can be used. | |||||
Addressing Mode | Unicast, Subnet Settings, Set Range | |||||
Unicast | IPv4 Address Input, IPv6 Address Input (Default: 0.0.0.0) | |||||
Subnet Settings | IP Address: IPv4 Address Input, IPv6 Address Input Subnet Mask: IPv4 Address Input, IPv6 Address Input (Default :0.0.0.0) | |||||
Set Range | From IP Address: IPv4 Address Input, IPv6 Address Input To IP Address: IPv4 Address Input, IPv6 Address Input (Default: 0.0.0.0) | |||||
Pre-Shared Key Text | ||||||
ASCII Input | Up to 128 one-byte characters can be used. | |||||
HEX Input | Up to 256 one-byte characters can be entered. | |||||
Key-ID String | Up to 128 one-byte characters can be used. | |||||
Protocol Setting | ||||||
Group 1 to Group 10 | ON, OFF | |||||
Group Name | Up to 10 one-byte characters can be used. | |||||
Protocol Identification Setting | TCP, UDP, ICMP, ICMPv6, Do Not Set | |||||
Port Specification Method | Port Number, Set Range | |||||
Port Number | Sender Port Number: 1 to 65535 Sender Port Number: 1 to 65535 | |||||
Set Range | Sender Port Number/Start Number: 1 to 65535 Sender Port Number/End Number: 1 to 65535 Sender Port Number/Start Number: 1 to 65535 Sender Port Number/End Number: 1 to 65535 | |||||
Message Type (ICMP, ICMPv6) | Echo Request/Reply, Do Not Set | |||||
IPsec Setting - Enable Ipsec | Weekly Timer ON, Weekly Timer OFF | |||||
IPsec Policy | ||||||
Group 1 to Group 10 | ||||||
Group Name | Up to 10 one-byte characters can be used. | |||||
Peer | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 button | |||||
Protocol | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 button | |||||
IPsec Setting | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 button | |||||
Communication Type | Send and Receive, Send, Receive | |||||
Action | Protected, Allow, Deny, Cancel | |||||
Common Settings | ||||||
Dead Peer Detection | 15, 30, 45, 60, 75, 90, 105, 120 | |||||
Cookies | Enable, Invalid | |||||
ICMP Pass Settings | Enable, Invalid | |||||
ICMPv6 Pass Settings | Enable, Invalid | |||||
default action | Allow, Deny | |||||
Certificate Verification Level Settings | ||||||
Expiration Date | Confirm, Do Not Confirm | |||||
Key Usage | Confirm, Do Not Confirm | |||||
Chain | Confirm, Do Not Confirm | |||||
Expiration Date Confirmation | Confirm, Do Not Confirm | |||||
IPsec Setting - Communication Check | ||||||
Check Connection | ||||||
IP Address | IPv4 Address Input (0 to 255).(0 to 255).(0 to 255).(0 to 255) (Default: 0.0.0.0) IPv6 Address Input 1-39 bytes (Default: 0:0:0:0:0:0:0:0) | |||||
Check Connection | ||||||
Communication Error Log | Logs 1 to 20 | |||||
IP Filtering(Permit Access) | Enable, Disable Set 1: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) *10 Set 2: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Set 3: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Set 4: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Set 5: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) | |||||
IP Filtering(Deny Access) | Enable, Disable Set 1: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) *10 Set 2: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Set 3: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Set 4: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) Set 5: Start 0.0.0.0 to End 0.0.0.0 (0 to 255) | |||||
RAW Port Number | ||||||
Port 1 | 1 to 65535, OFF (Default: 9100)*9 | |||||
Port 2 | 1 to 65535, OFF (Default: 9112) | |||||
Port 3 | 1 to 65535, OFF (Default: 9113) | |||||
Port 4 | 1 to 65535, OFF (Default: 9114) | |||||
Port 5 | 1 to 65535, OFF (Default: 9115) | |||||
Port 6 | 1 to 65535, OFF (Default: 9116) | |||||
LLMNR Setting | Enable, Disable |
*1: | If Auto Input is selected, the following settings are available. |
*2: | If IPv6 Settings is set to OFF, this function is disabled even when IPv6 Auto Settings is set to ON. In Web Connection, the drop-down list of IPv6 Auto Settings is grayed out. |
*3: | Selecting OFF for IPv6 Auto Settings enables the setting change of Global Address Prefix Length and Gateway Address. |
*4: | If the following address range is specified, it causes an error. |
*5: | This can be set if Encryption Algorithm is set to AES-CBS. |
*6: | This can be set if Authentication Algorithm is set to SHA-2. |
*7: | Available only for the range from fe80: 0: 0: 0: : to fe80: 0: 0: 0: ffff: ffff: ffff: ffff. |
*8: | Up to 253 one-byte characters including periods can be entered for the host name. To enter 64 characters or more, you need to use periods (.) to separate the characters. |
*9: | You can use the advanced settings in the Administrator Mode of Web Connection (for details, refer to [TCP/IP Setting]). |
*10: | Only one IP address, not a range, can be permitted/denied in three ways. For example, to permit/deny 192.168.11.22 only, enter: 192.168.11.22 - 0.0.0.0 0.0.0.0 - 192.168.11.22 192.168.11.22 - 192.168.11.22 |