TMS zl Management and Configuration Guide ST.1.1.100430

Virtual Private Networks
IPsec Concepts
Exchange 1: Security parameters. In the first exchange, the endpoint that
initiates the VPN connection sends a message to the remote endpoint with one
or more security proposals. Each proposal includes one of the options for
these parameters:
• Authentication algorithm:
    • MD5
    • SHA-1
• Encryption algorithm:
    • DES
    • 3DES
    • AES with 128, 192, or 256-bit keys
• Authentication method:
    • Preshared key
    • Certificates (Digital Signature Algorithm [DSA] or Rivest-Shamir-Adleman [RSA] Signature)
• Diffie-Hellman group:
    • Group 1 (768)
    • Group 2 (1024)
    • Group 5 (1536)
• SA lifetime in seconds
• Other parameters such as whether XAUTH is required or NAT-T is supported
You will specify these proposals in an IKE policy.
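
The following Python sketch is an added example, not code or configuration from this guide. It models the proposals listed above, flags weak options in a policy, and shows which proposal a remote endpoint would accept. Assumptions: the names Proposal, select and audit are hypothetical, MD5, DES and Group 1 are treated as weak, the responder takes the first offered proposal it allows, and lifetime is not compared.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Proposal:
    auth_alg: str      # MD5 or SHA-1
    enc_alg: str       # DES, 3DES, AES-128, AES-192 or AES-256
    auth_method: str   # PSK, DSA-SIG or RSA-SIG
    dh_group: int      # 1, 2 or 5
    lifetime_s: int    # SA lifetime in seconds

    def suite(self):
        # Attributes both endpoints must agree on (assumption: lifetime is not compared).
        return (self.auth_alg, self.enc_alg, self.auth_method, self.dh_group)

# Assumption of this example: these listed options are too weak for new deployments.
WEAK = {"auth_alg": {"MD5"}, "enc_alg": {"DES"}, "dh_group": {1}}

def weak_fields(p):
    """Return the names of the fields in proposal p that use a weak option."""
    return [f for f, bad in WEAK.items() if getattr(p, f) in bad]

def select(offered, local_policy):
    """Responder side: first offered proposal whose suite the local policy allows."""
    allowed = {p.suite() for p in local_policy}
    return next((p for p in offered if p.suite() in allowed), None)

def audit(policy):
    """Map each proposal index in an IKE policy to its weak fields, if it has any."""
    return {i: w for i, p in enumerate(policy) if (w := weak_fields(p))}

# Constructed sample policies, not taken from the guide.
STRONG = Proposal("SHA-1", "AES-256", "RSA-SIG", 5, 28800)
LEGACY = Proposal("MD5", "DES", "PSK", 1, 28800)
INITIATOR = [STRONG, LEGACY]       # legacy suite kept as a fallback
RESPONDER_OLD = [LEGACY]           # peer that only allows the legacy suite
RESPONDER_NEW = [Proposal("SHA-1", "AES-256", "RSA-SIG", 5, 3600)]

if __name__ == "__main__":
    print("weak proposals:", audit(INITIATOR))
    print("old peer picks:", select(INITIATOR, RESPONDER_OLD))
    print("new peer picks:", select(INITIATOR, RESPONDER_NEW))
```

Keeping a fallback proposal in the IKE policy means a peer that only allows the legacy suite will negotiate it, so the audit result is the list to review before the policy is applied.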