2. Create an IPsec transform set and enter its view.
ipsec transform-set transform-set-name
By default, no IPsec transform set exists.
3. Specify the security protocol for the IPsec transform set.
protocol { ah | ah-esp | esp }
Optional.
By default, the IPsec transform set uses ESP protocol.
4. Specify the security algorithms.
(Release 1111.) Specify the encryption algorithm for ESP:
• In non-FIPS mode:
  esp encryption-algorithm { 3des-cbc | aes-cbc-128 | aes-cbc-192 | aes-cbc-256 | des-cbc | null } *
• In FIPS mode:
  esp encryption-algorithm { aes-cbc-128 | aes-cbc-192 | aes-cbc-256 } *
(Release 1121 and later.) Specify the encryption algorithm for ESP:
• In non-FIPS mode:
  esp encryption-algorithm { 3des-cbc | aes-cbc-128 | aes-cbc-192 | aes-cbc-256 | aes-ctr-128 | aes-ctr-192 | aes-ctr-256 | camellia-cbc-128 | camellia-cbc-192 | camellia-cbc-256 | des-cbc | gmac-128 | gmac-192 | gmac-256 | gcm-128 | gcm-192 | gcm-256 | null } *
• In FIPS mode:
  esp encryption-algorithm { aes-cbc-128 | aes-cbc-192 | aes-cbc-256 | aes-ctr-128 | aes-ctr-192 | aes-ctr-256 | gmac-128 | gmac-192 | gmac-256 | gcm-128 | gcm-192 | gcm-256 } *
(Release 1111.) Specify the authentication algorithm for ESP:
• In non-FIPS mode:
  esp authentication-algorithm { md5 | sha1 } *
• In FIPS mode:
  esp authentication-algorithm sha1
(Release 1121 and later.) Specify the authentication algorithm for ESP:
• In non-FIPS mode:
  esp authentication-algorithm { aes-xcbc-mac | md5 | sha1 | sha256 | sha384 | sha512 } *
• In FIPS mode:
  esp authentication-algorithm { sha1 | sha256 | sha384 | sha512 } *
(Release 1111.) Specify the
Configure at least one command.
By default, no security algorithm is specified.
You can specify security algorithms for a security protocol only when the security protocol is used by the transform set. For example, you can specify the ESP-specific security algorithms only when you select ESP or AH-ESP as the security protocol.
If you use ESP in FIPS mode, you must specify both the ESP encryption algorithm and the ESP authentication algorithm.
You can specify multiple algorithms by using one command, and the algorithm specified earlier has a higher priority.
The aes-ctr-128, aes-ctr-192, aes-ctr-256, camellia-cbc-128, camellia-cbc-192, camellia-cbc-256, gmac-128, gmac-192, gmac-256, gcm-128, gcm-192, and gcm-256 encryption algorithms and the aes-xcbc-mac, sha256, sha384, and sha512 authentication algorithms are available only for IKEv2.
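
The ESP rules above (per-mode algorithm lists for Release 1121 and later, the FIPS requirement for both algorithm types, and the IKEv2-only algorithms) can be checked against a saved configuration before it is deployed. The following Python sketch is an added example, not vendor code; the audit function, its fips and ikev2 parameters, and the sample stanza named tset1 are assumptions made for illustration.

```python
# Algorithm sets transcribed from the Release 1121 and later syntax on this page.
SIZES = (128, 192, 256)
AES_CBC = {f"aes-cbc-{n}" for n in SIZES}
NEWER = {f"{a}-{n}" for a in ("aes-ctr", "gmac", "gcm") for n in SIZES}
CAMELLIA = {f"camellia-cbc-{n}" for n in SIZES}
SHA2 = {"sha256", "sha384", "sha512"}
ENC = {"FIPS": AES_CBC | NEWER,
       "non-FIPS": AES_CBC | NEWER | CAMELLIA | {"3des-cbc", "des-cbc", "null"}}
AUTH = {"FIPS": {"sha1"} | SHA2,
        "non-FIPS": {"aes-xcbc-mac", "md5", "sha1"} | SHA2}
IKEV2_ONLY = NEWER | CAMELLIA | SHA2 | {"aes-xcbc-mac"}

# Constructed sample stanza; the name tset1 is made up for this example.
SAMPLE = """\
ipsec transform-set tset1
 protocol esp
 esp encryption-algorithm aes-cbc-256 des-cbc
 esp authentication-algorithm sha256 md5
"""

def audit(config, fips=False, ikev2=True):
    """Return findings for one transform-set stanza (hypothetical helper)."""
    mode = "FIPS" if fips else "non-FIPS"
    protocol, enc, auth, findings = "esp", [], [], []  # ESP is the default protocol
    for line in config.splitlines():
        words = line.split()
        if words[:1] == ["protocol"] and len(words) > 1:
            protocol = words[1]
        elif words[:2] == ["esp", "encryption-algorithm"]:
            enc = words[2:]  # order kept: the earlier algorithm has higher priority
        elif words[:2] == ["esp", "authentication-algorithm"]:
            auth = words[2:]
    if protocol == "ah":
        # ESP algorithms apply only when the protocol is esp or ah-esp.
        return ["ESP algorithms configured but protocol is ah"] if enc or auth else []
    if not (enc or auth):
        findings.append("no ESP security algorithm specified")
    if fips and not (enc and auth):
        findings.append("FIPS mode needs both ESP encryption and authentication")
    for kind, algs, allowed in (("encryption", enc, ENC[mode]),
                                ("authentication", auth, AUTH[mode])):
        for alg in algs:
            if alg not in allowed:
                findings.append(f"{kind} algorithm {alg} not accepted in {mode} mode")
            elif not ikev2 and alg in IKEV2_ONLY:
                findings.append(f"{kind} algorithm {alg} is available only for IKEv2")
    return findings
```

Calling audit(SAMPLE, fips=True) reports des-cbc and md5, and audit(SAMPLE, ikev2=False) reports sha256, which this page lists as available only for IKEv2.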