| Setting | Options/Description |
|---|---|
| Access Control | Select Permit
Access to permit IP packets to pass through
Select Refuse Access to prevent IP packets from passing through Select IPsec to permit IPsec packets to pass through |
| IKE Version | Select the version of the Internet Key Exchange (IKE) protocol that matches your network environment |
| Authentication Method | Select an authentication method, or select Certificate if you have imported a CA-signed certificate |
| Pre-Shared Key | If necessary, enter a pre-shared key between 1 and 127 characters long |
| Confirm Pre-Shared Key | Confirm the pre-shared key you entered |
| Encapsulation | If you selected IPsec as the Access
Control option, select one of these encapsulation modes:
Transport Mode: if you are using the product on the same LAN; IP packets of layer 4 or later are encrypted Tunnel Mode: if you are using the product on an Internet-capable network, such as IPsec-VPN; the header and data of IP packets are encrypted |
| Remote Gateway(Tunnel Mode) | If you selected Tunnel Mode as the Encapsulation option, enter a gateway address between 1 and 39 characters long |
| Security Protocol | If you selected IPsec as the Access
Control option, select one of these security protocols:
ESP: to ensure the integrity of authentication and data, and encrypt data AH: to ensure the integrity of authentication and data; if data encryption is prohibited, you can use IPsec |
| Algorithm Settings | Select the encryption algorithm settings for the security protocol you selected |
| Setting | Options/Description |
|---|---|
| Access Control | Select Permit Access to
permit IP packets to pass through
Select Refuse Access to prevent IP packets from passing through Select IPsec to permit IPsec packets to pass through |
| Local Address(Scanner) | Select an IPv4 or IPv6 address that matches your network environment; if the IP address is assigned automatically, select Use auto-obtained IPv4 address |
| Remote Address(Host) | Enter the device's IP address (between 0 and 43 characters long) to control access, or leave blank to control all addresses; if the IP address is assigned automatically, such as by DHCP, the connection may be unavailable, so configure a static address instead |
| Method of Choosing Port | Select the method you want to used for specifiying ports |
| Service Name | If you selected Service Name as the Method of Choosing Port option, select a service name option here; see the next table for more information |
| Transport Protocol | If you selected Port
Number as the Method of Choosing
Port option, select one of these encapsulation modes:
Any Protocol TCP UDP ICMPv4 See the next table for more information |
| Local Port | If you selected Port Number as the Method of Choosing Port option, and TCP or UDP for the Transport Protocol option, enter the port numbers that control receiving packets (up to 10 ports), separated by commas, for example 25,80,143,5220; leave this setting blank to control all ports; see the next table for more information |
| Remote Port | If you selected Port Number as the Method of Choosing Port option, and TCP or UDP for the Transport Protocol option, enter the port numbers that control sending packets (up to 10 ports), separated by commas, for example 25,80,143,5220; leave this setting blank to control all ports; see the next table for more information |
| IKE Version | Select IKEv1 or IKEv2 depending on the device that the product is connected to |
| Authentication Method | If you selected IPsec as the Access Control option, select an authentication method here |
| Pre-Shared Key | If you selected Pre-Shared Key as the Authentication Method option, enter a pre-shared key between 1 and 127 characters long here and in the Confirm Pre-Shared Key field |
| Encapsulation | If you selected IPsec as
the Access Control option, select
one of these encapsulation modes:
Transport Mode: if you are using the product on the same LAN; IP packets of layer 4 or later are encrypted Tunnel Mode: if you are using the product on an Internet-capable network, such as IPsec-VPN; the header and data of IP packets are encrypted |
| Remote Gateway(Tunnel Mode) | If you selected Tunnel Mode as the Encapsulation option, enter a gateway address between 1 and 39 characters long |
| Security Protocol | If you selected IPsec as
the Access Control option, select
one of these security protocols:
ESP: to ensure the integrity of authentication and data, and encrypt data AH: to ensure the integrity of authentication and data; if data encryption is prohibited, you can use IPsec |
| Algorithm Settings | Select the encryption algorithm settings for the security protocol you selected |
Group Policy Guidelines
| Service name | Protocol type | Local/Remote port number | Operations controlled |
|---|---|---|---|
| ENPC | UDP | 3289/Any port | Searching for a product from applications such as scanner drivers or EpsonNet Config |
| SNMP | UDP | 161/Any port | Acquiring and configuring MIB from applications such as scanner drivers or EpsonNet Config |
| WSD | TCP | Any port/5357 | Controlling WSD |
| WS-Discovery | UDP | 3702/Any port | Searching for a product from WSD |
| Network Scan | TCP | 1865/Any port | Forwarding scan data from Document Capture Pro |
| Network Push Scan | TCP | Any port/2968 | Acquiring job information on push scanning from Document Capture Pro |
| Network Push Scan Discovery | UDP | 2968/Any port | Searching for a computer during push scanning from Document Capture Pro |
| HTTP (Local) | TCP | 80/Any port | Forwarding Web Config and WSD data to a HTTP or HTTPS server |
| HTTPS (Local) | TCP | 443/Any port | |
| HTTP (Remote) | TCP | Any port/80 | Communicating with firmware update and root certificate update on a HTTP or HTTPS client |
| HTTPS (Remote) | TCP | Any port/443 |