Manualshelf

HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
451452453454455456457458459460
449
In the connection initialization process, the pre-shared key is used to generate the initial key for
validating and encrypting connection requests and connection responses. If encryption and
authentication is needed for subsequent packets, the pre-shared key is also used to generate the
connection key for validating and encrypting the subsequent packets.
To configure the pre-shared key of the VAM server:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter VPN domain view.
vam server vpn vpn-name N/A
3. Configure the pre-shared key
of the VAM server.
pre-shared-key { cipher | simple }
key-string
No pre-shared key exists by
default.
Configuring keepalive parameters
A client sends keepalive packets to the server periodically, and the server sends responses back to prove
its existence. If a server receives no keepalive packets from a client within a specific period (which equals
the product of the keepalive interval and the maximum number of transmission attempts), the server
removes information about the client and logs off the client.
You can set the interval at which a client sends keepalive packets and the maximum number of
transmission attempts. After a client registers with the server, the server sends these settings to the client
through its response packet.
To configure keepalive parameters:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter VPN domain view.
vam server vpn vpn-name N/A
3. Set the keepalive interval.
keepalive interval time-interval
Optional.
180 seconds by default.
4. Set the maximum number of
transmission attempts.
keepalive retry retry-times
Optional.
3 by default.
NOTE:
Your keepalive settings only apply to the clients registered after the configuration. The clients registered
before that continue to use the old settings.
Configuring a VAM client
Complete the following tasks to configure a VAM client:
Task Remarks
Creating a VAM client Required.
Setting the VAM protocol packet retransmission interval Optional.