EasyManuals Logo

HP 5920 Series Configuration Guide

HP 5920 Series
424 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #7 background imageLoading...
Page #7 background image
v
Configuration guidelines ···································································································································· 192
Configuring automatic certificate request ········································································································· 192
Manually requesting a certificate ······················································································································ 193
Aborting a certificate request ····································································································································· 194
Obtaining certificates ·················································································································································· 194
Configuration prerequisites ································································································································ 194
Configuration guidelines ···································································································································· 194
Configuration procedure ···································································································································· 195
Verifying PKI certificates ·············································································································································· 195
Verifying certificates with CRL checking ··········································································································· 195
Verifying certificates without CRL checking ······································································································ 196
Specifying the storage path for the certificates and CRLs ······················································································· 196
Exporting certificates ··················································································································································· 197
Removing a certificate ················································································································································· 197
Configuring a certificate access control policy ········································································································· 198
Displaying and maintaining PKI ································································································································· 199
PKI configuration examples ········································································································································· 199
Requesting a certificate from an RSA Keon CA server ···················································································· 200
Requesting a certificate from a Windows Server 2003 CA server ······························································· 202
Requesting a certificate from an OpenCA server ···························································································· 206
Certificate import and export configuration example ····················································································· 209
Troubleshooting PKI configuration ······························································································································ 214
Failed to obtain the CA certificate ····················································································································· 214
Failed to obtain local certificates ······················································································································· 215
Failed to request local certificates ····················································································································· 216
Failed to obtain CRLs ·········································································································································· 216
Failed to import the CA certificate ····················································································································· 217
Failed to import a local certificate ····················································································································· 217
Failed to export certificates ································································································································ 218
Failed to set the storage path ····························································································································· 218
Configuring IPsec ···················································································································································· 220
Overview ······································································································································································· 220
Security protocols and encapsulation modes ··································································································· 221
Security association ············································································································································· 222
Authentication and encryption ··························································································································· 223
IPsec implementation ··········································································································································· 223
Protocols and standards ····································································································································· 224
IPsec tunnel establishment ··········································································································································· 224
Implementing ACL-based IPsec ··································································································································· 225
Feature restrictions and guidelines ···················································································································· 225
ACL-based IPsec configuration task list ············································································································· 225
Configuring an ACL ············································································································································ 226
Configuring an IPsec transform set ···················································································································· 227
Configuring a manual IPsec policy···················································································································· 228
Configuring an IKE-based IPsec policy ············································································································· 230
Applying an IPsec policy to an interface ·········································································································· 234
Enabling ACL checking for de-encapsulated packets ······················································································ 234
Configuring the IPsec anti-replay function ········································································································ 235
Binding a source interface to an IPsec policy ·································································································· 236
Enabling QoS pre-classify ·································································································································· 236
Enabling logging of IPsec packets ····················································································································· 237
Configuring the DF bit of IPsec packets ············································································································ 237
Configuring IPsec for IPv6 routing protocols ············································································································· 238
Configuration task list ········································································································································· 238

Table of Contents

Other manuals for HP 5920 Series

Preview: Command Reference
Command Reference607 pages
Preview: Fundamentals Configuration Guide
Fundamentals Configuration Guide215 pages
Preview: Installation Guide
Installation Guide63 pages
Preview: Troubleshooting Guide
Troubleshooting Guide52 pages
Preview: Fc And Fcoe Configuration Guide
Fc And Fcoe Configuration Guide257 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual58 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 5920 Series and is the answer not in the manual?

HP 5920 Series Specifications

General IconGeneral
BrandHP
Model5920 Series
CategorySwitch
LanguageEnglish

Related product manuals