Configuring Crypto Maps For Manual Ipsec - HP ProCurve Secure Router 7203 dl Advanced Management And Configuration Manual
Secure router
Hide thumbs
Also See for ProCurve Secure Router 7203 dl:
- Configuration manual (1114 pages) ,
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages)
Table of Contents
Advertisement
Table 8-20. Key Lengths for Standard Algorithms
Algorithm
Minimum Key Length in Bits
SHA
160
MD5
128
AES
• 128
• 192
• 256
DES
64
3DES
192
Configuring Crypto Maps for Manual IPSec
You define the IPSec SA in a crypto map entry. First create a crypto map entry
that uses manual keying:
Syntax: crypto map <mapname> <map index> [ipsec-ike | ipsec-manual]
For example:
ProCurve(config)# crypto map VPN 20 ipsec-manual
Specifying the Transform Set. Associate the crypto map entry with up to
six transform sets. Use this command, entered from the crypto map configu-
ration mode context:
Syntax: set transform-set <setname> [<setname2>] [<setname3>] [<setname4>]
[<setname5>] [<setname6>]
Defining the Keys. You then use the set session-key command to define
the keys that secure the IPSec SA. In this command, you specify:
1.
whether the key is for inbound or outbound traffic
2.
the key protocol (AH or ESP)
3.
SPI
4.
encryption key (for ESP)
5.
authentication key (optional for ESP)
Use the commands shown in Table 8-21 to configure the keys for the IPSec
SA. When you enter the key in HEX, do not enter the initial 0x for each
character.
Virtual Private Networks
Configuring a VPN Using IPSec
Minimum Key length in HEX
20
16
• 16
• 24
• 32
8
24
8-67
Advertisement
Chapters
Table of Contents
Troubleshooting
