Manualshelf

R3166-R3206-HP High-End Firewalls VPN Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
61626364656667686970
64
Item Descri
p
tion
Pre-Shared Key
Select the authentication method for IKE negotiation and specify the required
argument. Options include:
Pre-Shared KeyUses the pre-shared key authentication method.
PKI DomainUses the RSA signature authentication method. Available PKI
domains are those configured by selecting VPN > PKI > Domain from the
navigation tree.
PKI Domain
Enable DPD
Select this check box to enable dead peer detection (DPD).
IMPORTANT:
If you enable DPD and the name of the IPsec VPN is abc, the wizard will create a DPD
named abc_dpd and apply it to peer abc_peer.
5. Click Next to enter the next page, as shown in Figure 49.
Figure 49 IPsec VPN policy configuration wizard: 4/4 (peer node)
6. Click Finish to complete the configuration. The system will jump to the page that you can enter by
selecting VPN > IPSec > IPSec Application from the navigation tree.
Configuring IPsec in the CLI
Configuring IPsec
IPsec can be implemented based on ACLs, tunnel interfaces, or applications:
ACL-based IPsec uses ACLs to identify the data flows to be protected. To implement ACL-based IPsec,
configure IPsec policies, reference ACLs in the policies, and apply the policies to physical interfaces
(see “Implementing ACL-based IPsec“)
. By using ACLs, you can customize IPsec policies as needed,
implementing IPsec flexibly.