Using a key pair and preinstalled CA certificates for authentication1 Click the [Digital Signature Method] radio button for [Authentication Method] and then click [Key andCertificate].2 Click [Register Default Key] on the right of a key pair you want to use.Viewing details of a key pair or certificate● You can check the details of the certificate or verify the certificate by clicking the corresponding textlink under [Key Name], or the certificate icon. Verifying Key Pairs and Digital Certificates(P. 286)3 Specify the [Valid for] and [Authentication]/[Encryption]/[DH Group] settings.10 Specify the IPSec Network Settings.[Use PFS]Select the check box to enable Perfect Forward Secrecy (PFS) for IPSec session keys. Enabling PFS enhancesthe security while increasing the load on the communication. Make sure that PFS is also enabled for the otherdevices.[Specify by Time]/[Specify by Size]Set the conditions for terminating a session for IPSec SA. IPSec SA is used as a communication tunnel. Selecteither or both of the check boxes as necessary. If both check boxes are selected, the IPSec SA session isterminated when either of the conditions has been satisfied.[Specify by Time] Enter a time in minutes to specify how long a session lasts.[Specify by Size] Enter a size in megabytes to specify how much data can be transported in a session.Security265
