Manualshelf

TMS zl Management and Configuration Guide ST.1.2.100916

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
621622623624625626627628629630
7-103
Virtual Private Networks
Configure an IPsec Site-to-Site VPN with IKE
19. For Trusted Certificate to verify Certificate, select the CA root certificate that
you installed in step 10 on page 7-100.
20. For Certificate Type, select RSA-MD5 or RSA-SHA-1.
This setting determines the algorithm for the private key. You should have
selected RSA Signature for Authentication Method in the IKE policy.
21. For Encryption Algorithm, select 3DES or DES.
22. For Challenge Password, type the password that your CA has given you.
A challenge password is typically used to revoke a certificate, but your
CA may also require you to enter a challenge password to request a
certificate. If your CA does not require a password, leave this box empty.
23. For Identifier to store Private Key, type a string between 1 and 31 alphanu-
meric characters. The string must be unique to this private key.
24. For Key Size, select 512, 1024, or 2048, which determines the length of the
key in bits.
25. Click Apply.
After the CA returns the certificate, the certificate and the private key are
displayed in the VPN > Certificates > IPsec Certificates window.
Figure 7-88. VPN > Certificates > IPsec Certificates (Certificate Installed)
Move to the next task: “Create an IPsec Proposal.”