Home > Canon > Camera > Canon network camera VBM640VE User Manual

Canon network camera VBM640VE User Manual

    Download as PDF Print this page Share this page

    Have a look at the manual Canon network camera VBM640VE User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1335 Canon manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    							Setting Page
    4
    121
    Certificate creation, administrative sett ings and encrypted communication settings.
    Certificates
    Create an SSL/TLS certificate.
    [Create Self-Signed Certificate]
    Enter the following items and click [Exe c] to create a self-signed certificate.
    Follow the displayed message and reboot. The certif icate created will take effect after rebooting.
    Note
    Creating a certificate takes time, so it is recommended  that you stop video transmission and upload processes.
    [Certificate Status]
    If no certificate is installed, [Not Installed] will appear. If a certificate is inst alled, the validity period for the certificate will 
    appear.
    [Country (C)]
    Enter the ISO3166-1 alpha-2 country code.
    [ State/Province (ST)], [Locality (L)], [Organiz ation (O)], [Organizational Unit (OU)], [Common Name (CN)]
    Enter state/province name, locality, organization name, or ganizational unit and common name in alphanumeric characters 
    (spaces or printable characters).
    Enter an FQDN format host name, etc. to set the common name (required).
    [Validity Period  Start Date], [Validity Period End Date]
    Set the validity period of the certi ficate to be created (required when creating a self-sig ned certificate).
    Set HTTP Communication Encryption
    [Security] > [SSL/TLS]
    Important
    Use a self-signed certificate when complete security does not need  to be ensured, such as through operation tests. For system 
    operation, it is recommended that you acquire  and install a certificate issued by a CA. 
    						
    							122
    Certificate Management
    Manage the SSL/TLS certificate.
    [Generate Certificate Signing Request]
    Click [Exec] to create server private key and generate a certificate signing request.
    Once processed, the certificate signing re quest will appear in a separate window.
    Note
    Generating a certificate signing request takes time, so it is recommended that y ou stop video transmission and upload processes .
    [Display Certificate Signing Request]
    Click [Exec] to view the details of the certificate signing request.
    [Install  Server Certificate]
    Perform this operation to in stall a server certificate.
    Specify the certificate file to be installed using [Browse] and click [Exec].
    The certificate installed will take effect after rebooting.
    [Install Intermediate Certificate]
    Perform this operation to inst all an intermediate certificate.
    Specify the certificate file to be inst alled using [Browse] and click [Exec].
    The certificate installed will take effect after rebooting.
    Note
    To install an intermediate certificate and a primary intermediate  certificate, use a text editor or similar software to place them in the same 
    file and install them as an intermediate certificate.
    [Delete  Server Certificate]
    Click [Exec] to delete the server certificate.
    However, if SSL communications are enab led, the certificate cannot be deleted. Set [SSL Communications] to [Disable] 
    before deleting a certificate.
    The deletion will take effect after rebooting.
    [Delete Intermediate Certificate]
    Click [Exec] to delete the  intermediate certificate along with the primary certificate.
    However, if SSL communications are enab led, the certificate cannot be deleted. Set [SSL Communications] to [Disable] 
    before deleting a certificate.
    The deletion will take effect after rebooting.
    [Display  Server Certificate Details]
    Click [Exec] to view the details of the certificate.
    [Display  Self CA Certificate]
    Used for the purpose of testing SSL communications, but otherwise not normally used.
    [Backup]
    Click [Exec] to perform a backup of th e certificates and private key. This can  only be performed via SSL communications. 
    						
    							Setting Page
    4
    123
    [Restore]
    Installs the certificates and private key from backup.
    Click [Browse] to specify the backup file, then click [Exec]. This can only be performed via SSL communications.
    The restored certificate will take effect after rebooting.
    Encrypted Communications
    Set encrypted communications.
    [SSL Communications]
    Select this to enable or disable SSL communications.
    The setting will take effect after rebooting.
    However, if no certificate is installe d, SSL communications cannot be used.
    Note
     It may take a few minutes to generate an SSL key.
     If SSL communications are used,  video transmission performance drops.
     Depending on the type of the certificate being installed on the  camera, a dialog box may appear indicating that the web browse r has 
    accepted the certificate and a connection can be made. If the dialog  box does not appear, register the CA certificate in the web 
    browser. 
    						
    							124
    Settings for 802.1X authentication and authentication status display, and for certificate administration.
    802.1X Authentication
    Display the 802.1X authentication enable/disable control and status.
    [802.1X Authentication]
    Select this to enable or  disable 802.1X authentication.
    [Authentication  Status]
    Display the status of 802.1X aut hentication. There are three types of status: [Authenticated],  [Unauthenticated], and [Stop].
    Authentication Method
    Set the authentication method us ed for 802.1X authentication.
    [Authentication Method]
    Select the authentication method used for 802.1X authentication.
    [User Name]
    Enter the user name used for authentication.
    [Password]
    Enter the required pass word for authentication.
    This is displayed only when [Authentication Method ] is set to [EAP-MD5], [EAP-TTLS], or [EAP-PEAP].
    Certificate Information
    This is displayed only when [Authentication Method]  is set to [EAP-TLS], [EAP-TTLS], or [EAP-PEAP].
    [CA Certificate  Status]
    If no CA certificate is installed, [Not Installed] is displayed.  If a CA certificate is installed, the validity period of the 
    certificate is displayed.
    [Client Certificate  Status]
    If no client certificate is installed, [Not  Installed] is displayed. If a client certificate is installed, the validity period  of the 
    certificate is displayed.
    This is displayed only when [Authent ication Method] is set to [EAP-TLS].
    Network Port Authentication Settings
    [Security] > [802.1X] 
    						
    							Setting Page
    4
    125
    [Client Private Key  Status]
    If no client private key is installed, [Not Installed] is disp layed. If a client private key is installed, [Installed] is 
    displayed.
    This is displayed only when [Authent ication Method] is set to [EAP-TLS].
    Certificate Management
    This is displayed only when [Authentication Method]  is set to [EAP-TLS], [EAP-TTLS], or [EAP-PEAP].
    [Install CA Certificate]
    Installs a CA certificate.
    Specify the certificate file to be inst alled using [Browse] and click [Exec].
    [Install Client Certificate]
    Installs a client certificate.
    Specify the certificate file to be inst alled using [Browse] and click [Exec].
    This is displayed only when [Authent ication Method] is set to [EAP-TLS].
    [Install Client Private Key]
    Installs a client private key.
    Specify the private key file  to be installed using [Browse] and click [Exec].
    This is displayed only when [Authent ication Method] is set to [EAP-TLS].
    [Client Private Key Password]
    Enter the password for the client private key.
    Required when a password has been configured for the private key.
    This is displayed only when [Authent ication Method] is set to [EAP-TLS].
    [Delete Certificate]
    Deletes all installed CA certificates, clie nt certificates, and client private keys.
    Only “CA Certificate” is displayed when [Authentication  Method] is set to [EAP-TTLS] or [EAP-PEAP], but any 
    installed client certificates and c lient private keys are also deleted.
    Important
     If any CA certificates, client certificates , and client private keys already exist when installing certificates, they are discarded and 
    new versions are installed.
     An error occurs if the format of the certificate  or private key to be installed is incorrect.
     Client certificates and client  private keys are checked as a pair when instal ling, and an error occurs if they do not match.
     The certificate and private key used for 802.1X authentication must be installed as separate items, irrespective of the installation  status of certificates for SSL/TLS. 
    						
    							126
    Settings for using IPsec.
    Note
    If IPsec is used, video transmission performance drops.
    IPsec
    [IPsec] 
    Select key settings for using IPsec.
    Auto Key Exchange Settings
    [IPsec SA Encryption Algorithm]
    Select the IPsec SA encryption algorithm.
    The specified algorithm will be checked for an app licable encryption algorithm starting from the left.
    [IPsec  SA Authentication Algorithm]
    Select the IPsec SA authentication algorithm.
    The specified algorithm will be checked for an applicab le authentication algorithm starting from the left.
    [IPsec  SA Validity Period (min)]
    Enter the duration of validity for IPsec SA.
    [I SAKMP  SA Encryption Algorithm]
    Select the SA encryption algorithm fo r use with auto key exchange protocol IKE.
    Set IPsec
    [Security] > [IPsec]
    Important
     To run this camera with IPsec, the communicating devices and netwo rk must be set beforehand. Contact your system administrator for 
    these settings.
     When connecting with IPsec, set the camera IP address manually. For IPv4 addresses, use addresses with [I Pv4 Address Setting Method] set to [Manual] in [Basic Settings] > [Network] > [IPv4].
    For IPv6 addresses, use addresses set with [IPv6 Addr ess (Manual)] in [Basic Settings] > [Network] > [IPv6].
     If the IPsec setting is changed and the camera may become ina ccessible from the active web browser, a confirmation dialog box will 
    appear. Click [OK] to apply the new settings.
    If you reboot the camera and cannot connect to the camera from th e web browser, any available URI for connecting to the camera will 
    be displayed in a message.
    If you cannot connect to the camera through the displayed URI, contact your system administrator. 
    						
    							Setting Page
    4
    127
    [ISAKMP  SA Authentication Algorithm]
    Select the SA authentication algorithm for  use with auto key exchange protocol IKE.
    [DH Group]
    Select the key generation information that w ill be used in the DH algorithm for key exchange via auto key exchange protocol 
    IKE.
    [I SAKMP  SA Validity Period (min)]
    Enter the duration of validity for ISAKMP SA.
    IPsec Set 1 to 5
    IP security can be specified through auto key exchange  or manual setting with up to five communicating devices.
    Auto Key Exchange
    Note
    If auto key exchange is used, it will take approximately 5  to 10 seconds before communication with the camera starts.
    [IPsec Set]
    Set whether IPv4 or IPv6 will use or will not use IPsec sets.
    [IPsec Mode]
    Select the IPsec mode.
    [Destination IPv4 Address], [Destination IPv6 Address]
    Enter the IP address of the connection destination.
    [ Source IPv4 Address], [ Source IPv6 Address]
    Enter the IP address of the source.
    [ Security Protocol]
    Select the IPsec protocol.
    If [ESP] is selected, enter only t he setting items relating to ESP.
    If [AH] is selected, enter only th e setting items relating to AH.
    If [ESP and AH] is selected , enter all setting items.
    [ Security Gateway IPv4 Address], [ Security Gateway IPv6 Address]
    Enter the IP address of the security gateway if [IPsec Mode] is set to [Tunnel Mode].
    [Destination  Subnet Mask Length] (IPv4), [Des tination Prefix Length] (IPv6)
    Enter the subnet mask (IPv4) or prefix length (I Pv6) when [IPsec Mode] is set to [Tunnel Mode].
    [IKE Pre- Shared Key]
    Enter the pre-shared key for IKE (auto key exchange).
    Important
    If the camera is rebooted during auto key exchange communication, a connection error may result after rebooting. If this occurs , 
    connect again. 
    						
    							128
    Manual
    [IPsec  Set]
    Set whether IPv4 or IPv6 will use or will not use IPsec sets.
    [IPsec Mode]
    Select the IPsec mode.
    [Destination IPv4 Address], [Destination IPv6 Address]
    Enter the IP address of the connection destination.
    [ Source IPv4 Address], [ Source IPv6 Address]
    Enter the IP address of the source.
    [ Security Protocol]
    Select the IPsec protocol.
    If [ESP] is selected, enter only t he setting items relating to ESP.
    If [AH] is selected, enter only th e setting items relating to AH.
    If [ESP and AH] is selected , enter all setting items.
    [ Security Gateway IPv4 Address], [ Security Gateway IPv6 Address]
    Enter the IP address of the security gateway if [IPsec Mode] is set to [Tunnel Mode].
    [Destination  Subnet Mask Length] (IPv4), [Des tination Prefix Length] (IPv6)
    Enter the subnet mask (IPv4) or prefix length (I Pv6) when [IPsec Mode] is set to [Tunnel Mode].
    When [Security Protocol] Is  Set to [ESP] or [E SP and AH]
    [SA ESP Encryption Algorithm] to [SA ESP SPI (inbound)] must be set.
    [SA E SP Encryption Algorithm]
    Set the ESP encryption algorithm to suit the encryption  algorithm supported by the device to connect to.
    Normally [AES] or [3DES] is recommended.
    [ SA E SP Authentication Algorithm]
    Set the ESP authentication algorithm to suit the authentic ation algorithm supported by the device to connect to. 
    						
    							Setting Page
    4
    129
    If [ESP] is used alone, [No Authentication] cannot be selected.
    [SA E SP Encryption Key (outbound)]
    Enter the SA encryption key for outbound.
    If [AES], [3DES] or [DES] was  selected in [SA ESP Encryption  Algorithm], set a 128-bit, 192-bit or 64-bit  hexadecimal 
    number, respectively. This item need  not be set if [NULL] was selected.
    [ SA E SP Authentication Key (outbound)]
    Enter the SA authentication key for outbound.
    If [HMAC_SHA1_96] or [HMAC_MD5_96] was selected in [SA ESP Authentication Algorithm], set a 160-bit or 128-bit 
    hexadecimal number, respectively. This item need  not be set if [No Authentication] was selected.
    [ SA E SP SPI (outbound)]
    Enter the SA SPI value for outbound.
    Set a desired value in the range of 256 to 4294967295.
    [ SA E SP Encryption Key (inbound)]
    Enter the SA encryption key for inbound.
    If [AES], [3DES] or [DES] was  selected in [SA ESP Encryption  Algorithm], set a 128-bit, 192-bit or 64-bit  hexadecimal 
    number, respectively. This item need  not be set if [NULL] was selected.
    [ SA E SP Authentication Key (inbound)]
    Enter the SA authentication key for inbound.
    If [HMAC_SHA1_96] or [HMAC_MD5_96] was selected in [SA ESP Authentication Algorithm], set a 160-bit or 128-bit 
    hexadecimal number, respectively. This item need  not be set if [No Authentication] was selected.
    [ SA E SP SPI (inbound)]
    Enter the SA SPI value for inbound.
    Set a desired value in the range of 256 to 4294967295.
    Since this setting is used as an ID for identifying the SA , be careful not to specify an inbound SPI whose value is 
    already used in the SPI for other ESP.
    When [ Security Protocol] Is  Set to [AH] or [ESP and AH]
    [SA AH Authenticatio n Algorithm] to [SA AH SPI  (inbound)] must be set.
    [ SA AH Authentication Algorithm]
    Set the AH authentication algorithm to suit the authenti cation algorithm supported by the device to connect to.
    [ SA AH Authentication Key (outbound)]
    Enter the SA authentication key for outbound.
    If [HMAC_SHA1_96] or [HMAC_MD5_96] was selected in [SA  AH Authentication Algorithm], set a 160-bit or 128-bit 
    hexadecimal number, respectively.
    [ SA AH  SPI (outbound)]
    Enter the SA SPI value for outbound.
    Set a desired value in the range of 256 to 4294967295.
    [ SA AH Authentication Key (inbound)]
    Enter the SA authentication key for inbound.
    If [HMAC_SHA1_96] or [HMAC_MD5_96] was selected in [SA  AH Authentication Algorithm], set a 160-bit or 128-bit 
    hexadecimal number, respectively.
    [ SA AH  SPI (outbound)]
    Enter the SA SPI value for inbound.
    Set a desired value in the range of 256 to 4294967295.
    Since this setting is used as an ID for identifying the SA , be careful not to specify an inbound SPI whose value is 
    already used in the SPI for another AH. 
    						
    							130
    Settings for recording video to a memory card inserted in the camera. You can also see the status of the memory card.
    The content on this page is common with [Video Record] > [Memo ry Card] (P. 101). Settings configured in any page will be 
    reflected in the other pages.
    Note
     The following memory cards can be used. – SD memory card, SDHC memory card, SDXC memory card 
    – microSD memory card, microSDHC memory card, microSDXC memory card 
     For inserting and removing the memory card, please refer to “Installation Guide”  > “Using a Memory Card”.
     Only H.264(1) video can be recorded to a memory card. [H.264(2)] cannot be recorded.
    Video Record Setting
    Sets whether to record video from the camera to  a memory card or upload it with HTTP or FTP.
    These can also be set with [Video Record] > [Upload] (P. 96) and will be reflected in [Video Record Setting] here.
    [Video Record Action]
    Select [Record to Memory Card] to record to a memory card.
    Memory Card Operations
    The setting items will change de pending on the memory card status (unmounted/mounted).
    Memory Card Operations and Information Display
    [Memory Card] 
    Important
    Information recorded to the memory card may be regarded as  “personal information”. Take sufficient precautions for handling this 
    information when releasing to third part ies for disposal, transfer or repair.
    Important
    Be sure to perform the unmount process when turning off the powe r to the camera or removing the memory card. Failing to unmount first 
    may result in management file problems  or the memory card becoming inaccessible.
    You can use the Camera Management Tool (P. 36) to bat ch mount/unmount memory cards from multiple cameras.
    R11R10M741M740
    M641M 640 
    						
    All Canon manuals Comments (0)

    Related Manuals for Canon network camera VBM640VE User Manual