Motorola WiNG 4.4 Reference Manual page 427

ESP Encryption
Scheme
ESP Authentication
Scheme
Mode
5. Refer to the Status
goes wrong in the transaction between the applet and the switch.
6. Click OK to use the changes to the running configuration and close the dialog.
7. Click Cancel to close the dialog without committing updates to the running configuration.
6.7.1.2 Adding a New Transform Set
A transform set represents a combination of security protocols and algorithms. During the IPSec security association
negotiation, peers agree to use a particular transform set for protecting data flow. If the attributes of an existing transform
set no longer lend themselves useful, and an existing transform set is not required, create a new transform set to meet
the needs of your network.
To edit the attributes of an existing transform set:
1. Select Security
2. Click the Configuration
3. Click the Add button.
Select the Use ESP checkbox (if necessary) to modify the ESP Encryption Scheme. Options
include:
• None - No ESP encryption is used with the transform set.
• ESP-DES - ESP with the 56-bit DES encryption algorithm.
• ESP-3DES - ESP with 3DES, ESP with AES.
• ESP-AES - ESP with 3DES, ESP with AES (128 bit key).
• ESP-AES 192 - ESP with 3DES, ESP with AES (192 bit key).
• ESP-AES 256 - ESP with 3DES, ESP with AES (256 bit key).
Select the Use ESP checkbox (if necessary) to modify the ESP Authentication Scheme. Options
include:
• None - No ESP authentication is used with the transform set.
• MD5-HMAC - AH with the MD5 (HMAC variant) authentication algorithm.
• SHA-HMAC - AH with the SHA (HMAC variant) authentication algorithm.
Modify (if necessary) the current mode used with the transform set. The mode is either Tunnel or
Transport.
field for the state of the requests made from applet. This field displays error messages if something
> IPSec VPN from the main menu tree.
tab.
Switch Security 6 - 75