6. Create an IKE policy:
Syntax: crypto ike policy <IKE policynumber>
For example:
ProCurve(config)# crypto ike policy 10
7. Prevent the router from initiating IKE:
ProCurve(config-crypto-ike)# no initiate
8. Set the peer ID:
ProCurve(config-crypto-ike)# peer any
9. Apply the IKE client pool to the IKE policy:
Syntax: client configuration pool <poolname>
10. Create an attribute policy:
Syntax: attribute <attribute policynumber>
11. Enter settings for the IKE SA, including authentication method,
authentication algorithm, encryption algorithm, Diffie-Hellman group, and
IKE SA lifetime:
Syntax: authentication [dss-sig | pre-share | rsa-sig]
Syntax: hash [md5 | sha]
Syntax: encryption [3des | aes-128-cbc | aes-192-cbc | aes-256-cbc | des]
Syntax: group [1 | 2]
Syntax: lifetime <seconds>
12. If so desired, repeat steps 11 and 12 to configure multiple attribute
policies. The router uses the policy with the lowest number first.
13. If so desired, configure another IKE policy to connect to a remote site.
(See "Configuring a Site-to-Site VPN" on page 8-90.)
14. Exit to the global configuration mode and configure algorithms for the
IPSec SA in a transform set:
• AH protocol:
Syntax: crypto ipsec transform-set <setname> [ah-md5-hmac | ah-sha-hmac]
• ESP protocol:
Syntax: crypto ipsec transform-set <setname> [esp-des | esp-3des | esp-aes-128-cbc | esp-aes-192-cbc | esp-aes-256-cbc | esp-null] [esp-md5-hmac | esp-sha-hmac]
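The option lists in steps 11 and 14 include DES, MD5, Diffie-Hellman group 1 and esp-null alongside stronger choices. The following check is an added example, not part of the manual or of any ProCurve tool: it reads the commands from these steps, one per line, and reports each weak selection together with the IKE attribute policy or transform set it belongs to. The sample configuration, its names and the one-command-per-line layout are constructed for illustration.

```python
# Weak choices among the options listed in steps 11 and 14 (added example).
WEAK_ATTR = {
    ("hash", "md5"): "MD5 is collision-broken; use sha",
    ("encryption", "des"): "56-bit DES key; use an aes-*-cbc option",
    ("group", "1"): "768-bit Diffie-Hellman group; use group 2",
}
WEAK_TRANSFORM = {
    "esp-des": "56-bit DES key",
    "esp-null": "ESP without encryption",
    "esp-md5-hmac": "MD5-based integrity; prefer esp-sha-hmac",
    "ah-md5-hmac": "MD5-based integrity; prefer ah-sha-hmac",
}
# Constructed sample; transform-set names "strong" and "legacy" are hypothetical.
SAMPLE = """\
crypto ike policy 10
 attribute 10
  authentication pre-share
  hash sha
  encryption aes-256-cbc
  group 2
 attribute 20
  hash md5
  encryption des
  group 1
crypto ipsec transform-set strong esp-aes-256-cbc esp-sha-hmac
crypto ipsec transform-set legacy esp-des esp-md5-hmac
"""

def audit(config_text):
    """Return (line_no, context, finding) for each weak setting."""
    findings, policy, attr = [], None, None
    for n, raw in enumerate(config_text.splitlines(), 1):
        w = raw.split()
        if w[:3] == ["crypto", "ike", "policy"] and len(w) > 3:
            policy, attr = w[3], None          # entering an IKE policy
        elif w[:1] == ["attribute"] and policy and len(w) > 1:
            attr = w[1]                        # entering an attribute policy
        elif w[:3] == ["crypto", "ipsec", "transform-set"] and len(w) > 3:
            policy = attr = None               # back at global configuration
            findings += [(n, f"transform-set {w[3]}", f"{a}: {WEAK_TRANSFORM[a]}")
                         for a in w[4:] if a in WEAK_TRANSFORM]
        elif attr and tuple(w[:2]) in WEAK_ATTR:
            findings.append((n, f"ike policy {policy} attribute {attr}",
                             f"{w[0]} {w[1]}: {WEAK_ATTR[tuple(w[:2])]}"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

A higher-numbered attribute policy is still a configured proposal, so the check reports attribute 20 in the sample even though a strong attribute 10 precedes it.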
Virtual Private Networks
Quick Start
8-97