Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100226

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1311131213131314131513161317131813191320
A-122
Command-Line Reference
IKEv1 Context
security-proposal
To configure the security settings proposed by the TMS zl Module for the IKE
SA, enter the following command:
Syntax: security-proposal dh-group <group type> encryption <encryption algorithm>
auth <authentication algorithm> sa-lifetime <seconds>
Replace <group type> with one of the following Diffie-Hellman groups:
group1-768
group2-1024
group5-1536
Replace <encryption algorithm> with one of the following encryption
algorithms:
des
3des
aes-128
aes-192
aes-256
Replace <authentication algorithm> with one of the following authentica-
tion algorithms:
md5
sha-1
Replace <seconds> with the number of seconds that the IKE SA is kept open.
Valid values are between 300 seconds (5 minutes) and 86400 seconds (1 day).
For example:
ProCurve(tms-module-<slot ID>:ikev1)# security-proposal
dh-group group2-1024 encryption des auth sha-1 sa-
lifetime 28800
type
With this command, you specify the type of VPN that the IKEv1 policy will
negotiate. On the TMS zl Module, you can create two types of IKE policies:
site-to-site and client-to-site.