Configuration of IPsec313Configuration on a ComputerConfirm that the digital certificate to be used by the machine to encrypt PDF and XPSfiles has been imported and registered on the recipient’s computer. This will assure theability to conduct two way digital signing of files, should this capability be required.Configuration of IPsecIPsec (IPsecurity) is comprised of the IP Authentication Header and IP EncapsulatingSecurity Payload protocols, which secure IP communications at the network layer ofthe protocol stack, using both authentication and data encryption techniques.The ability to send IPsec encrypted data to the printer is provided by the use of a publiccryptographic key, following a network negotiating session between the initiator (clientcomputer) and the responder (printer or server). To send encrypted data to the printer,the computer and the printer have to establish a Security Association with each otherby verifying a matching password (shared secret) to each other. If this authentication issuccessful, a session public key will be built and used to send IPsec encrypted dataover the TCP/IP network to the printer.Providing additional security during the Public Key negotiating process, DigitalCertificates can alternatively be used in place of the Shared Secret, to encrypt thePublic Key information being exchanged between communicating parties. The DigitalCertificate resides on the machine (managed as stated inConfiguration of E-mailEncryption/Digital Signature on page 308) and MUST also have been imported andstored on the computer that is encrypting data being sent to the machine.Certificates add digital signatures (individualized checksums verifying data integrity) todatagrams during the public key negotiating process, greatly assisting in securing datafrom network sniffers.To enable IPsec1. Open your web browser, and enter the IP address of the machine in the [Address]box to access CentreWare Internet Services.2. In CentreWare Internet Services, click the [Properties] tab.3. Expand the [Security] folder.4. Select [IPsec] in the directory tree.5. Enable the protocol by placing a checkmark in the [Enabled] box.6. Select [Preshared Key] to use the Shared Secret (between this machine andremote computers also possessing the secret). Note that if you select [DigitalSignature], the [Shared Secret] boxes will be grayed out and you will have tosupply a certificate stored on this machine to the remote computer that wishes tosend IPsec encrypted data to this machine. Refer to theConfiguration of E-mailEncryption/Digital Signature on page 308 for full information.7. Enter the shared secret (a password) in the [Shared Key] and [Verify Shared Key]boxes.8. Select [Enabled] (default setting) for [Communicate with Non-IPsec Device], sothat computers not set up for encryption can still communicate with this machine.9. Configure other available settings by referring toProperties in the CentreWareInternet Services chapter on page 178.