2. On the sidebar, click IPSec.
The IPsec page appears.
3. Click Create New.
The Create IPSec Profile form appears.
4. In General Options, configure the following:
• Name: Type a name for the IPSec profile that you are creating.
• Description: Type a description for this profile.
• Security Gateway: Type the IP address or FQDN of the IPSec server. If you use the IP
address, the IP address format that you must enter will depend on the IP mode that is
configured on the controller.
5. In Authentication, configure the following:
• Type: Click Preshared Key to use PSK for authentication or click Certificate to use an
X.509 certificate on the certificate authority (CA) or registration authority (RA) server. The
controller uses the CMPv2 protocol to obtain the signed certificate from the CA/RA server.
• Preshared Key: If you clicked Preshared Key in Type, type the PSK in this box. The PSK
must be eight to 128 ASCII characters in length.
6. In Security Association, configure the following:
• IKE Proposal Type: Click Default to use the default Internet Key Exchange (IKE) security
association (SA) proposal type or click Specific to manually configure the IKE SA proposal.
If you clicked Specific, you will need to configure the following settings:
  • Encryption Algorithm: Options include 3DES, AES128, AES192, and AES256.
  • Integrity Algorithm: Options include MD5, SHA1, AES-XCBC, SHA256, SHA384, and
    SHA512.
  • Pseudo-Random Function: Options include Use integrity ALG, PRF-MD5, PRF-SHA1,
    PRF-AES-XCBC, PRF-AES-CMAC, PRF-SHA256, and PRF-SHA384.
  • DH Group: Options for Diffie-Hellman groups for IKE include modp768, modp1024,
    modp1536, modp2048, modp3072, modp4096, modp6144, and modp8192.
• ESP Proposal Type: Click Default to use the default Encapsulating Security Payload
(ESP) SA proposal type or click Specific to manually configure the ESP proposal. If you
clicked Specific, you will need to configure the following settings:
  • Encryption Algorithm: Options include 3DES, AES128, AES192, AES256, and NONE.
  • Integrity Algorithm: Options include MD5, SHA1, AES-XCBC, SHA256, SHA384, and
    SHA512.
  • DH Group: Options for Diffie-Hellman groups for ESP include None, modp768,
    modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, and
    modp8192.
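An added example, not part of the guide or the vendor's software: a Python check that audits a Specific IKE or ESP proposal against the option lists in step 6 and the PSK rule in step 5. The set of values flagged as weak is an assumed baseline policy, and the function names and sample profile are constructed for illustration.

```python
# Option lists copied from step 6 of this page.
IKE_OPTIONS = {
    "encryption": ["3DES", "AES128", "AES192", "AES256"],
    "integrity": ["MD5", "SHA1", "AES-XCBC", "SHA256", "SHA384", "SHA512"],
    "prf": ["Use integrity ALG", "PRF-MD5", "PRF-SHA1", "PRF-AES-XCBC",
            "PRF-AES-CMAC", "PRF-SHA256", "PRF-SHA384"],
    "dh_group": ["modp768", "modp1024", "modp1536", "modp2048", "modp3072",
                 "modp4096", "modp6144", "modp8192"],
}
ESP_OPTIONS = {
    "encryption": IKE_OPTIONS["encryption"] + ["NONE"],
    "integrity": IKE_OPTIONS["integrity"],
    "dh_group": ["None"] + IKE_OPTIONS["dh_group"],
}
# Assumed baseline policy (not from the guide): values to flag as weak.
# "NONE" is the ESP encryption option; the ESP DH option "None" is not flagged.
WEAK = {"3DES", "NONE", "MD5", "SHA1", "PRF-MD5", "PRF-SHA1",
        "modp768", "modp1024", "modp1536"}

def audit_proposal(kind, proposal):
    """Return findings for a Specific proposal; kind is "IKE" or "ESP"."""
    options = IKE_OPTIONS if kind == "IKE" else ESP_OPTIONS
    findings = []
    for field, allowed in options.items():
        value = proposal.get(field)
        if value not in allowed:
            findings.append(f"{kind} {field}: {value!r} is not an option on the form")
            continue
        # "Use integrity ALG" inherits the strength of the integrity choice.
        effective = proposal.get("integrity") if value == "Use integrity ALG" else value
        if effective in WEAK:
            findings.append(f"{kind} {field}: {value} is weak ({effective})")
    return findings

def audit_psk(psk):
    """Check the rule stated in step 5: eight to 128 ASCII characters."""
    findings = []
    if not psk.isascii():
        findings.append("PSK contains non-ASCII characters")
    if not 8 <= len(psk) <= 128:
        findings.append(f"PSK length {len(psk)} is outside 8-128")
    return findings

if __name__ == "__main__":
    # Constructed sample profile, not taken from a real controller.
    ike = {"encryption": "3DES", "integrity": "MD5",
           "prf": "Use integrity ALG", "dh_group": "modp1024"}
    for line in audit_proposal("IKE", ike) + audit_psk("short"):
        print(line)
```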
7. In Rekey Options, configure the following:
SmartCell Gateway 200/Virtual SmartZone High-Scale for Release 3.4.1 Administrator Guide
Managing Global Configuration, AP Tunnel Profiles, Templates, and AP Registration Rules
Creating AP Tunnel Profiles