SecurityXerox ® WorkCentre® 7800/7800i Series Color Multifunction Printer 111System Administrator GuideConfiguring Internet Key Exchange SettingsIKE is a keying protocol that allows automatic negotiation and authentication, anti-replay services, andCA support. It can also change encryption keys during an IPsec session. IKE is used as part of virtualprivate networking.IKE Phase 1 authenticates the IPsec peers and sets up a secure channel between the peers to enable IKEexchanges. IKE Phase 2 negotiates IPsec SAs to set up the IPsec tunnel.1. Under IKE Phase 1, in the Key Lifetime field, type the length of time until the key expires in Seconds,Minutes, or Hours. When a key reaches this lifetime, the SA is renegotiated and the key isregenerated or refreshed.2. Select the DH Group from the following options:− Group 2 provides a 1024-bit Modular Exponential (MODP) keying strength.− Group 14 provides a 2048-bit MODP keying strength.3. Under IKE Phase 2, select the IPsec Mode. Options are Transport Mode or Tunnel Mode.Note: Transport mode only encrypts the IP payload, whereas Tunnel mode encrypts the IP headerand the IP payload. Tunnel mode provides protection for an entire IP packet by treating it as anAuthentication Header (AH), or Encapsulating Security Payload (ESP).4. If you selected Tunnel Mode, under Enable Security End Point Address, select the address type.Options are Disabled, IPv4 Address, or IPv6 Address.5. Under IPsec Security, select ESP, AH, or BOTH.6. Type the Key Lifetime, and select Seconds, Minutes, or Hours.7. Under Perfect Forward Secrecy (PFS), select None, Group 2, or Group 14.Note: PFS is disabled by default. PFS allows faster IPsec setup, but is less secure.8. Under Hash, select from the following:− SHA1− None9. If you selected ESP or BOTH for the IPsec Security type, select one or more of the followingEncryption types:Note: If the IPsec Security type is set to AH, the Encryption type options do not appear.− AES− 3DES− Null10. Click Save to apply the new settings or Undo to retain the previous settings.Editing or Deleting an ActionTo edit or delete an action, select the action from the list, then click Edit or Delete.