Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
511512513514515516517518519520
7-70
Virtual Private Networks
IPsec VPNs
Figure 7-58. Add IPsec Policy Window—Step 2 of 4 (Bottom Section)
14. Next, set the SPI and keys for the protocol that you selected in the IPsec
proposal (ESP, in the example displayed in Figure 7-58). The correct
number of characters for a key depends on the algorithm that you selected
in the IPsec proposal and is indicated to the right of the box. Note also
that if you selected AH, you will not see boxes for encryption keys:
a. For SPI Number, type a decimal number that uniquely identifies this
IPsec SA. You must match the SPI on the remote gateway. (In log files
and packet sniffers, this number may be represented in hexadecimal.)
b. For Inbound Encryption Key (ESP only), type a character string of the
specified length. The string must match the outbound encryption key
on the remote gateway.
It is best practice to use a mix of character types (alphanumeric and
special) and not to use dictionary words.
c. For Outbound Encryption Key (ESP only), type a character string of the
specified length. The string must match the inbound encryption key
on the remote gateway.
d. For Inbound Authentication Key, type a character string of the specified
length. The string must match the outbound authentication key on the
remote gateway.
e. For Outbound Authentication Key, type a character string of the speci-
fied length. The string must match the inbound encryption key on the
remote gateway.
15. Click Next.