Specifying Authentication And Encryption Algorithms For The Vam Server; Configuring An Authentication Method - HPE FlexNetwork MSR Series Comware 7 Layer 3 - Ip Services Configuration Manuals
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (861 pages) ,
- Comware 5 security configuration manual (547 pages) ,
- Comware 5 layer 2 - wan access configuration manual (420 pages)
Table of Contents
Advertisement
Step
2.
Set the port number of the
VAM server.
Specifying authentication and encryption algorithms for the
VAM server
The VAM server uses the specified algorithms to negotiate with the VAM client.
The VAM server and client use SHA-1 and AES-CBC-128 during connection initialization, and use
the negotiated algorithms after connection initialization.
The algorithm specified earlier in a command line has a higher priority. The configuration of the
commands that specify authentication and encryption algorithms does not affect registered VAM
clients. It applies to subsequently registered VAM clients.
To specify authentication and encryption algorithms for the VAM server:
Step
1.
Enter system view.
2.
Enter ADVPN domain view.
3.
Specify authentication
algorithms.
4.
Specify encryption
algorithms.
Configuring an authentication method
The VAM server uses the specified method to authenticate clients in the ADVPN domain. The VAM
server supports PAP and CHAP authentication.
If the specified ISP domain does not exist, the authentication will fail. A newly configured
authentication method does not affect registered VAM clients. It applies to subsequently registered
VAM clients.
To configure an authentication method:
Step
1.
Enter system view.
2.
Enter ADVPN domain view.
3.
Specify an authentication
method.
Command
vam server listen-port
port-number
Command
system-view
vam server advpn-domain
domain-name [ id domain-id ]
authentication-algorithm
{ aes-xcbc-mac | md5 | none |
sha-1 | sha-256 } *
encryption-algorithm
{ 3des-cbc | aes-cbc-128 |
aes-cbc-192 | aes-cbc-256 |
aes-ctr-128 | aes-ctr-192 |
aes-ctr-256 | des-cbc | none } *
Command
system-view
vam server advpn-domain
domain-name [ id domain-id ]
authentication-method { none |
{ chap | pap } [ domain
isp-name ] }
366
Remarks
The default port number is 18000.
The port number of the VAM
server must be the same as that
configured on the VAM clients.
Remarks
N/A
N/A
The default authentication
algorithm is SHA-1.
The default encryption algorithms
are AES-CBC-256,
AES-CBC-192, AES-CBC-128,
AES-CTR-256, AES-CTR-192,
AES-CTR-128, 3DES-CBC, and
DES-CBC in descending order of
priority.
Remarks
N/A
N/A
By default, the authentication
method is CHAP, and the default
domain is used.
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the FlexNetwork MSR Series and is the answer not in the manual?