Ipsec Association; Association Configuration Parameters - HP StorageWorks 8/20q Command Line Interface Manual

ipsec association

Description Creates and manages associations in the Security Association database.
Authority Admin session and an Ipsec Edit session
Syntax
ipsec association
copy [association_source] [association_destination]
create [association]
delete [association]
edit [association]
list [association]
rename [association_old] [association_new]
Operands
copy [association_source] [association_destination]
Creates a new association named [association_destination] and copies the configuration into it
from the association given by [association_source]. [association_destination] must not begin with
DynamicSA_, which is reserved for dynamic associations. You must enter the Ipsec Save
command afterwards to save your changes.
create [association]
Creates an association with the name given by [association]. An association name must begin
with a letter and be no longer than 32 characters. Valid characters are alphanumeric, _, $, ^,
and -. The Security Association database supports a maximum of 512 user-defined associations.
You must enter the Ipsec Save command afterwards to save your changes.
the association configuration parameters.
Table 13
Parameter
Description
SourceAddress
DestinationAddress
Protocol
SPI
Authentication
AuthenticationKey
162 Command Reference

Association configuration parameters

Description
Description of the association indicating its purpose or the types of
connections which it secures.
IP address (version 4 or 6) or DNS host name of the host, switch, or
gateway from which data originates
IP address (version 4 or 6) or DNS host name of the host, switch, or
gateway receiving data. If you specified an IP address for the
SourceAddress, the DestinationAddress must use the same
IP version format.
IP security protocol to be used to process data. The protocol can be
one of the following:
•
•
•
•
Security parameters index number in the range 256–4,294,967,295
Algorithm to use to authenticate the source or destination. The
authentication algorithm can be one of the following:
•
•
•
•
Key string to use for authentication such as
"12345678901234567890"
Encapsulated Security Payload–RFC 2406 (esp)
Encapsulated Security Payload–RFC 1827 (esp-old)
Authentication Header– RFC 2402 (ah)
Authentication Header–RFC 1826 (ah-old)
HMAC-MD5
HMAC-SHA1
HMAC-SHA256
AES-XCBC-MAC
Table 13 describes