Configuring Ipsec Sa Parameters; Transform Sets - HP 7102dl - ProCurve Secure Router Configuration Manual
Procurve secure router 7000dl series - advanced management and configuration guide
Hide thumbs
Also See for 7102dl - ProCurve Secure Router:
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
Virtual Private Networks
Configuring a VPN Using IPSec
10-40
pass through the WAN interface and so receive the router's public IP address.
However, only traffic from local private networks can access the VPN tunnel,
so the traffic cannot reach its destination.
You can force all traffic sent to a server to use the IP address of LAN interface
so that it can access the remote VPN site.
Enter one of these commands from the global configuration mode context:
Syntax: ip [tftp | sntp | ftp] source-interface <interface ID>
Syntax: snmp-server source-interface <interface ID>
For example, you can set Ethernet 0/1 as the source interface for all traffic
sent to a TFTP server.
ProCurve(config)# ip tftp source-interface eth 0/1
Configuring IPSec SA Parameters
You configure the security parameters that IKE proposes during IKE phase 2
for the IPSec SA in:
a transform set
a crypto map entry
Transform Sets
A transform set contains the hash and encryption algorithms used to secure
data transmitted over the VPN tunnel. To create a transform set, complete
these steps:
1.
Name the transform set.
2.
Select AH or ESP. (See "IPSec Headers" on page 10-5 in the chapter
overview for more information on the difference between these two
protocols.)
- Quick Links:
- Procurve Secure Router
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
