EasyManuals Logo

HP 5920 Series Configuration Guide

HP 5920 Series
424 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #238 background imageLoading...
Page #238 background image
227
Configuring an IPsec transform set
An IPsec transform set, part of an IPsec policy, defines the security parameters for IPsec SA negotiation,
including the security protocol, encryption algorithms, and authentication algorithms.
Changes to an IPsec transform set affect only SAs negotiated after the changes. To apply the changes to
existing SAs, execute the reset ipsec sa command to clear the SAs so that they can be set up by using the
updated parameters.
To configure an IPsec transform set:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Create an IPsec
transform set and enter
its view.
ipsec transform-set transform-set-name
By default, no IPsec transform set
exists.
3. Specify the security
protocol for the IPsec
transform set.
protocol { ah | ah-esp | esp }
Optional.
By default, the IPsec transform set
uses ESP as the security protocol.
4. Specify the security
algorithms.
• (In non-FIPS mode.) Specify the
encryption algorithm for ESP:
esp encryption-algorithm { 3des-cbc
| aes-cbc-128 | aes-cbc-192 |
aes-cbc-256 | des-cbc | null } *
• (In FIPS mode.) Specify the
encryption algorithm for ESP:
esp encryption-algorithm
{ aes-cbc-128 | aes-cbc-192 |
aes-cbc-256 } *
• (In non-FIPS mode.) Specify the
authentication algorithm for ESP:
esp authentication-algorithm { md5
| sha1 } *
• (In FIPS mode.) Specify the
authentication algorithm for ESP:
esp authentication-algorithm sha1
• (In non-FIPS mode.) Specify the
authentication algorithm for AH:
ah authentication-algorithm { md5 |
sha1 } *
• (In FIPS mode.) Specify the
authentication algorithm for AH:
ah authentication-algorithm sha1
Configure at least one command.
By default, no security algorithm is
specified.
You can specify security algorithms
for a security protocol only when
the security protocol is used by the
transform set. For example, you
can specify the ESP-specific
security algorithms only when you
select ESP or AH-ESP as the security
protocol.
If you use ESP in FIPS mode, you
must specify both the ESP
encryption algorithm and the ESP
authentication algorithm.
You can specify multiple
algorithms by using one command,
and the algorithm specified earlier
has a higher priority.

Table of Contents

Other manuals for HP 5920 Series

Preview: Command Reference
Command Reference607 pages
Preview: Fundamentals Configuration Guide
Fundamentals Configuration Guide215 pages
Preview: Installation Guide
Installation Guide63 pages
Preview: Troubleshooting Guide
Troubleshooting Guide52 pages
Preview: Fc And Fcoe Configuration Guide
Fc And Fcoe Configuration Guide257 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual58 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 5920 Series and is the answer not in the manual?

HP 5920 Series Specifications

General IconGeneral
BrandHP
Model5920 Series
CategorySwitch
LanguageEnglish

Related product manuals