Manualshelf

R3166-R3206-HP High-End Firewalls VPN Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
61626364656667686970
60
3. Click Next to enter the next page, as shown in Figure 45.
Figure 45 IPsec VPN policy configuration wizard: 3/4 (branch node)
4. Configure the items on the page. Table 19 describes the configuration items.
Table 19 Configuration items on a branch node: 3/4
Item Descri
p
tion
Source IP
Address/Wildcard
Specify the traffic to be protected by giving the source IP address and wildcard,
destination IP address and wildcard, and the protocol type.
IMPORTANT:
Based on these configurations, the wizard will create an advanced ACL that permit
packets matching these criteria and apply this ACL to the IPsec policy. The ACL number
will be the smallest, available number in the range 3000 to 3999. If there is no number
available for the ACL, the wizard will prompt that your IPsec VPN policy configuration
fails.
Destination IP
Address/Wildcard
Protocol Type
Encryption Suite
Select the encryption suite for the IPsec proposal. An encryption suite specifies the IP
packet encapsulation mode, security protocol, and authentication and encryption
algorithms to be used. Options include:
TUNNEL-ESP-SHA1-3DESUses the tunnel mode for IP packet encapsulation, ESP
for packet protection, SHA1 for authentication, and 3DES for encryption.
TUNNEL-ESP-MD5-DESUses the tunnel mode for IP packet encapsulation, ESP for
packet protection, MD5 for authentication, and DES for encryption.
TUNNEL-AH-MD5-ESP-DESUses the tunnel mode for IP packet encapsulation,
ESP and AH for packet protection, MD5 for AH authentication, and DES for ESP
encryption.
TUNNEL-AH-MD5-ESP-3DESUses the tunnel mode for IP packet encapsulation,
ESP and AH for packet protection, MD5 for AH authentication, and 3DES for ESP
encryption.