R3303-HP HSR6800 Routers Layer 3 - IP Services Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR6804 Router Chassis

301

302

303

304

305

306

307

308

309

310

296

Configuring the listening IP address and UDP port number

To configure the listening IP address and UDP port number of the VAM server:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Configure the listening IP

address and UDP port

number of the server.

vam server ip-address ip-address

[ port port-number ]

Optional.

By default, no listening IP address

and UDP port number are

configured.

If you do not specify a listening IP address and port number on a VAM server, the VAM server listens to

all packets whose destination IP address is a local interface IP address and destination port number is

18000.

Configuring the security parameters of VAM protocol packets

Based on the packet integrity authentication algorithm and encryption algorithm configuration, a VAM

server negotiates with a client to determine the protocol packets' integrity authentication and encryption

algorithms to be used between them.

In the connection initialization process, SHA-1 is always used for authenticating connection requests from

clients and connection responses from the server. Whether subsequent protocol packets are to be

authenticated and what algorithms are available for authentication depend on your configuration.

In the connection initialization process, AES-128 is always used for encrypting connection requests from

clients and connection responses from the server. Whether subsequent protocol packets are to be

encrypted and what algorithms are available for encryption depend on your configuration.

The configuration order of the authentication and encryption algorithms determines the priorities of the

algorithms. For example, if you configure the encryption-algorithm aes-128 3des command, the AES-128

algorithm has a higher priority than 3DES.

To configure VAM protocol packet security parameters:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enter VPN domain view.

vam server vpn vpn-name N/A

3. Specify the algorithms for

protocol packet

authentication and their

priorities.

authentication-algorithm { none |

{ md5 | sha-1 } * }

Optional.

By default, SHA-1 is used for

protocol packet authentication.

4. Specify the algorithms for

protocol packet encryption

and their priorities.

encryption-algorithm { { 3des |

aes-256 | aes-128 | des } * |

none }

Optional.

By default, four encryption

algorithms are available and

preferred in this order: AES-128,

AES-256, 3DES, and DES.

Specifying the client authentication mode