Ipsec Settings (Custom Setup Only) - HP 7102dl - ProCurve Secure Router Configuration Manual
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
C a u t i o n
Using the Web Browser Interface for Advanced Configuration Tasks
Figure 16-77. Establishing Security Parameters for the IPSec SA
IPSec Settings (Custom Setup Only)
In this window, you can alter the settings IKE proposes for the IKE SA,
including:
Encryption/hash algorithm—You can select any combination of ESP
encryption and/or hash algorithm, AH hash algorithm, or AH hash and ESP
encryption and/or hash algorithm from the Encryption Algorithm pull-
down menu.
PFS Diffie-Hellman group—If you specify a perfect forward secrecy (PFS)
group, IKE uses the Diffie-Hellman protocol to generate entirely new keys
for the IPSec SA. You can select group 1 or group 2. By default, IKE does
not use a PFS. (See Chapter 10: Virtual Private Networks for more
information on PFS.)
IPSec SA lifetime—You can specify a setting in kilobytes, seconds, or both.
The router terminates the tunnel when the first limit is reached.
Table 16-4 displays settings available for these parameters.
Take care when altering default security settings. Security parameters for both
the IKE and the IPSec SA must match those proposed by the peer.
Setting Up Virtual Private Networks
16-99
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
