F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices VPN Configuration Guide-6PW100
152
3. Click Suite mode to configure an IPsec proposal that uses a pre-defined encryption suite.
Figure 109 IPsec proposal configuration in suite mode
4. Enter a name for the IPsec proposal.
5. Select an encryption suite for the proposal.
An encryption suite specifies the IP packet encapsulation mode, security protocol, and
authentication and encryption algorithms to be used. Available encryption suites include:
{ Tunnel-ESP-DES-MD5—Uses the ESP security protocol, the DES encryption algorithm, and the
MD5 authentication algorithm.
{ Tunnel-ESP-3DES-MD5—Uses the ESP security protocol, the 3DES encryption algorithm, and
the MD5 authentication algorithm.
{ Tunnel-AH-MD5-ESP-DES—Uses the ESP and AH security protocols successively, making ESP
use the DES encryption algorithm and perform no authentication and making AH use the MD5
authentication algorithm.
{ Tunnel-AH-MD5-ESP-3DES—Uses the ESP and AH security protocols successively, making ESP
use the 3DES encryption algorithm and perform no authentication, and making AH use the
MD5 authentication algorithm.
All these suites use the tunnel mode for IP packet encapsulation.
6. Click Apply.
433BConfiguring an IPsec proposal in custom mode
1. Select VPN > IPSec > Proposal from the navigation tree to enter the IPsec proposal management
page, as shown in
768HFigure 107.
2. Click Add to enter the IPsec proposal configuration wizard page, as shown in 769HFigure 108.
3. Click Custom mode.
Figure 110 IPsec proposal configuration in custom mode
4. Configure the IPsec proposal parameters as described in 770HTable 10.
5. Click Apply.