HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

451

452

453

454

455

456

457

458

459

460

447

Enabling VAM server

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enable VAM server.

• (Method 1) Enable VAM server for one or all

VPN domains:

vam server enable { all | vpn vpn-name }

• (Method 2) Enable VAM server for a VPN

domain:

a. vam server vpn vpn-name

b. server enable

Use either method.

By default, VAM server is

disabled.

Configuring the listening IP address and UDP port number

To configure the listening IP address and UDP port number of the VAM server:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Configure the listening IP

address and UDP port

number of the server.

vam server ip-address ip-address

[ port port-number ]

Optional.

By default, no listening IP address

and UDP port number are

configured.

If you do not specify a listening IP address and port number on a VAM server, the VAM server listens to

all packets whose destination IP address is a local interface IP address and destination port number is

18000.

Configuring security parameters for VAM protocol packets

Based on the packet integrity authentication algorithm and encryption algorithm configuration, a VAM

server negotiates with a client to determine the protocol packets' integrity authentication and encryption

algorithms to be used between them.

In the connection initialization process, SHA-1 is always used for authenticating connection requests from

clients and connection responses from the server. Whether subsequent protocol packets are to be

authenticated and what algorithms are available for authentication depend on your configuration.

In the connection initialization process, AES-128 is always used for encrypting connection requests from

clients and connection responses from the server. Whether subsequent protocol packets are to be

encrypted and what algorithms are available for encryption depend on your configuration.

The configuration order of the authentication and encryption algorithms determines the priorities of the

algorithms. For example, if you configure the encryption-algorithm aes-128 3des command, the AES-128

algorithm has a higher priority than 3DES.

To configure VAM protocol packet security parameters:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enter VPN domain view.

vam server vpn vpn-name N/A