EasyManua.ls Logo

Alcatel-Lucent AOS-W 6.5.3.x - Page 251

Alcatel-Lucent AOS-W 6.5.3.x
1160 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Policy Name
Policy
Number
IKE
Version
Encryption
Algorithm
Hash
Algorithm
Authentica
-tion
Method
PRF
Method
Diffie-
Hellman
Group
Default Suite-B
128bit ECDSA
protection suite
10008 IKEv2 AES - 128 SHA 256-
128
ECDSA-256
Signature
hmac-
sha2-256
Random
ECP
Group
(256 bit)
Default Suite-B
256 bit ECDSA
protection suite
10009 IKEv2 AES -256 SHA 384-
192
ECDSA-384
Signature
hmac-
sha2-384
Random
ECP
Group
(384 bit)
Default RAP
IKEv2 RSA
protection suite
10012 IKEv2 AES -256 SSHA160 RSA
Signature
hmac-
sha1
14 2048-
bit group
WAN Configuration
Use the WAN tab to define settings for the features described below. For additional information on each of
these features, refer also to the following sections of this document:
n WAN Failure (Authentication) Survivability on page 218
n WAN Health Check on page 224
n Branch Switch Routing Features on page 229
n WAN Optimization through IP Payload Compression on page 224
n Interface Bandwidth Contracts on page 225
n Branch Integration with a Palo Alto Networks (PAN) Portal on page 226
To configure WAN survivability, Health Check, Policy-Based Routing, WAN Optimization, Bandwidth
Management and PAN portal settings for the branch switches in a branch config group ,navigate to
Configuration>Branch>Smart Config and select the WAN tab. The settings on the WAN tab are described
in the table below.
Parameter Description
WAN Failure Survivability
Enable Auth-Survivability This parameter controls whether to use the Survival Server when no other
authentication servers in the server group are in-service.
This parameter also controls whether to store the user access credential in the
Survival Server when it is authenticated by an external RADIUS or LDAP server in
the server group. Authentication Survivability is enabled or disabled at each
switch. This parameter is disabled by default.
NOTE: Authentication Survivability will not activate if Authentication Server Dead
Time is configured as 0. For more information on configuring Authentication
Server Dead Time, see Configuring Authentication Timers on page 210.
Authentication Server
Certificate
This parameter allows you to view the name of the server certificate used by the
local Survival Server. The local Survival Server is provided with a default server
certificate from AOS-W . The customer server certificate must be imported into
the switch first, and then you can assign the server certificate to the local Survival
Server.
Table 70: Branch Config Group WAN Setting
AOS-W 6.5.3.x | User Guide BranchSwitch Config for Cloud Services Switches | 251

Table of Contents