EasyManuals Logo

HP 5500 HI Series User Manual

HP 5500 HI Series
444 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #9 background imageLoading...
Page #9 background image
vii
Protocols and standards ····································································································································· 270
FIPS compliance ··························································································································································· 270
Configuring IPsec ························································································································································· 270
Implementing ACL-based IPsec ··································································································································· 270
Feature Restrictions ·············································································································································· 270
ACL-based IPsec configuration task list ············································································································· 271
Configuring ACLs ················································································································································ 271
Configuring an IPsec proposal ·························································································································· 273
Configuring an IPsec policy ······························································································································· 274
Applying an IPsec policy group to an interface ······························································································· 278
Configuring the IPsec session idle timeout ········································································································ 278
Enabling ACL checking of de-encapsulated IPsec packets ············································································· 279
Configuring the IPsec anti-replay function ········································································································ 279
Configuring packet information pre-extraction ································································································ 280
Configuring IPsec for IPv6 routing protocols ············································································································· 280
Displaying and maintaining IPsec ······························································································································ 281
IPsec configuration examples······································································································································ 281
IKE-based IPsec tunnel for IPv4 packets configuration example ····································································· 281
IPsec for RIPng configuration example ·············································································································· 284
Configuring IKE ······················································································································································· 288
FIPS compliance ··························································································································································· 288
Overview ······································································································································································· 288
IKE security mechanism ······································································································································· 288
IKE operation ······················································································································································· 289
IKE functions ························································································································································· 289
Relationship between IKE and IPsec ·················································································································· 290
Protocols and standards ····································································································································· 290
IKE configuration task list ············································································································································ 290
Configuring a name for the local security gateway ································································································· 291
Configuring an IKE proposal ······································································································································ 291
Configuring an IKE peer ·············································································································································· 292
Setting keepalive timers ··············································································································································· 294
Setting the NAT keepalive timer ································································································································· 294
Configuring a DPD detector ········································································································································ 295
Disabling next payload field checking ······················································································································ 295
Displaying and maintaining IKE ································································································································· 296
IKE configuration example ·········································································································································· 296
Troubleshooting IKE ····················································································································································· 299
Invalid user ID ······················································································································································ 299
Proposal mismatch ·············································································································································· 299
Failing to establish an IPsec tunnel ···················································································································· 300
ACL configuration error ······································································································································ 300
Configuring SSH2.0 ··············································································································································· 301
Overview ······································································································································································· 301
SSH operation ····················································································································································· 301
SSH connection across VPNs ····························································································································· 303
FIPS compliance ··························································································································································· 304
Configuring the switch as an SSH server ·················································································································· 304
SSH server configuration task list ······················································································································ 304
Generating DSA or RSA key pairs ···················································································································· 304
Enabling the SSH server function ······················································································································· 305
Configuring the user interfaces for SSH clients ································································································ 305
Configuring a client public key ·························································································································· 306

Table of Contents

Other manuals for HP 5500 HI Series

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 5500 HI Series and is the answer not in the manual?

HP 5500 HI Series Specifications

General IconGeneral
BrandHP
Model5500 HI Series
CategorySwitch
LanguageEnglish

Related product manuals