HP 8/20q HP StorageWorks 8/20q Fibre Channel Switch Command Line Interface Gui - Page 162
ipsec association, Table 13 Association configuration parameters
View all HP 8/20q manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 162 highlights
ipsec association Description Creates and manages associations in the Security Association database. Authority Admin session and an Ipsec Edit session Syntax ipsec association copy [association_source] [association_destination] create [association] delete [association] edit [association] list [association] rename [association_old] [association_new] Operands copy [association_source] [association_destination] Creates a new association named [association_destination] and copies the configuration into it from the association given by [association_source]. [association_destination] must not begin with DynamicSA_, which is reserved for dynamic associations. You must enter the Ipsec Save command afterwards to save your changes. create [association] Creates an association with the name given by [association]. An association name must begin with a letter and be no longer than 32 characters. Valid characters are alphanumeric, _, $, ^, and -. The Security Association database supports a maximum of 512 user-defined associations. You must enter the Ipsec Save command afterwards to save your changes. Table 13 describes the association configuration parameters. Table 13 Association configuration parameters Parameter Description SourceAddress DestinationAddress Protocol SPI Authentication AuthenticationKey Description Description of the association indicating its purpose or the types of connections which it secures. IP address (version 4 or 6) or DNS host name of the host, switch, or gateway from which data originates IP address (version 4 or 6) or DNS host name of the host, switch, or gateway receiving data. If you specified an IP address for the SourceAddress, the DestinationAddress must use the same IP version format. IP security protocol to be used to process data. The protocol can be one of the following: • Encapsulated Security Payload-RFC 2406 (esp) • Encapsulated Security Payload-RFC 1827 (esp-old) • Authentication Header- RFC 2402 (ah) • Authentication Header-RFC 1826 (ah-old) Security parameters index number in the range 256-4,294,967,295 Algorithm to use to authenticate the source or destination. The authentication algorithm can be one of the following: • HMAC-MD5 • HMAC-SHA1 • HMAC-SHA256 • AES-XCBC-MAC Key string to use for authentication such as "12345678901234567890" 162 Command Reference