HP 630n HP Jetdirect Print Servers - Administrator's Guide - Page 120
IPsec Protocols (Manual Keys), Manual Keys, IPsec Protocols
UPC - 808736806244
View all HP 630n manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 120 highlights
IPsec Protocols (Manual Keys) Items on the IPsec Protocols page are described in the following table. To use manual keys for key negotiation, use the following steps: 1. Specify IPsec protocol encryption and authentication methods to use for security associations (SA) in this rule. Configuration of manual keys depends on your selections. 2. Click OK, and then configure the manual keys for this template. Table 5-14 IPsec Protocols (Manual Keys) page Item Description Encapsulation Type Specify how the selected IPsec protocols (ESP or AH) are encapsulated: ● Transport (default): Only the user data in each IP packet is protected, the IP packet header is not protected. ● Tunnel: All packet fields are protected, including the IP packet header. Cryptographic Parameters Set the encryption method/strength and the authentication methods used: ● ESP IPsec encapsulating security payload (ESP) protocol for IP packets. ESP headers are inserted in packets to ensure privacy and integrity of packet contents. Select among the supported encryption methods/strengths and authentication methods to be used for data protection. ● AH IPsec authentication header (AH) protocol for IP packets. AH headers are inserted in packets to protect integrity of packet contents through cryptographic checksums. Select among the supported authentication methods. CAUTION: IPsec AH might not function properly in environments that use network address translation (NAT). NOTE: For manual keys, you can select only one authentication method. You cannot use ESP authentication if AH is enabled. If you enable ESP and AH, you must select an AH authentication method. Manual Keys Items on the Manual Keys page are described in the following table. Use this page to configure encryption keys and Security Associations (SA) manually. Because the applicable hosts are also manually configured, authentication and dynamic key generation are not needed. Table 5-15 Manual Keys page Item Description SPI Format Use hexadecimal or decimal values to specify SPI values. ESP SPI (ESP SPI fields are listed if ESP is enabled on the IPsec Protocols page.) A 32-bit field in an ESP header used to identify the IPsec security association (SA). In Value for an SA to use for packets received by the device. Out Value for an SA to use for packets sent by the device. AH SPI (AH SPI fields are listed if AH is enabled on the IPsec Protocols page.) A 32-bit field in an authentication header used to identify the IPsec SA. In Value for an SA to use for packets received by the device. Out Value for an SA to use for packets sent by the device. 110 Chapter 5 IPsec/Firewall configuration (V.38.xx) ENWW