Manualshelf

R3721-F3210-F3171-HP High-End Firewalls VPN Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
161162163164165166167168169170
160
Figure 111 IPsec proposal configuration in custom mode
Table 11 Configuration items in custom mode
Item Descri
tion
Proposal Name
Enter a name for the IPsec proposal.
Encapsulation
Mode
Select an IP packet encapsulation mode for the IPsec proposal. Options include:
Tunnel—Uses the tunnel mode.
Transport—Uses the transport mode.
Security Protocol
Select a security protocol setting for the proposal. Options include:
AH—Uses the AH protocol.
ESP—Uses the ESP protocol.
AH-ESP—Uses ESP first and then AH.
AH Authentication
Algorithm
Select an authentication algorithm for AH when the security protocol setting is AH or
AH-ESP.
Available authentication algorithms include MD5 and SHA1.
In FIPS mode, the firewall does not support MD5. If MD5 is selected, the configuration
does not take effect.
ESP Authentication
Algorithm
Select an authentication algorithm for ESP when the security protocol setting is ESP or
AH-ESP.
You can select MD5 or SHA1, or leave it null so the ESP performs no authentication.
IMPORTANT:
The ESP authentication algorithm and ESP encryption algorithm cannot be both
null.
In FIPS mode, the firewall does not support MD5. Do not select MD5 but you
must select both an authentication algorithm and an encryption algorithm for
ESP.