Manualshelf

HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
211212213214215216217218219220
209
Table 15 Configuration items
Item Descri
tion
Encryption Suite
Select the encryption suite for the IPsec proposal. An encryption suite specifies the IP
packet encapsulation mode, security protocol, and authentication and encryption
algorithms to be used. Options include:
TUNNEL-ESP-SHA1-3DES—Uses the tunnel mode for IP packet encapsulation, ESP
for packet protection, SHA1 for authentication, and 3DES for encryption.
TUNNEL-ESP-MD5-DES—Uses the tunnel mode for IP packet encapsulation, ESP for
packet protection, MD5 for authentication, and DES for encryption.
TUNNEL-AH-MD5-ESP-DES—Uses the tunnel mode for IP packet encapsulation,
ESP and AH for packet protection, MD5 for AH authentication, and DES for ESP
encryption.
TUNNEL-AH-MD5-ESP-3DES—Uses the tunnel mode for IP packet encapsulation,
ESP and AH for packet protection, MD5 for AH authentication, and 3DES for ESP
encryption.
Pre-Shared Key
Select the authentication method for IKE negotiation, and specify the required
parameter. Options include:
Pre-Shared Key—Uses the pre-shared key authentication method.
PKI Domain—Uses the RSA signature authentication method. Available PKI
domains are those configured by selecting VPN > Certificate Manager > Domain
from the navigation tree.
IMPORTANT:
If you select PKI Domain, you create an IKE proposal numbered 1.
PKI Domain
Enable DPD
Select this box to enable DPD. If you enable DPD and the name of the IPsec VPN is
abc, the wizard creates a DPD named abc_dpd and applies it to peer abc_peer.
8. Click Next.
Figure 140 IPsec VPN policy configuration wizard: 4/4 (center node)