search

Enterasys Networks CSX7000 User Manual Page 235

  • Download
  • Add to my manuals
  • Print
  • Page
    / 729
  • Table of contents
  • BOOKMARKS
    • Rated. / 5. Based on customer reviews
Page view 234
Central Site Remote Access Switch 235
C
ONFIGURING
E
NCRYPTION
Configuration
associations for incoming and outgoing packets. The incoming packet security association on site
“A” must match the outgoing packet security association on site “B” and vice versa.
F
INAL DESTINATION IP ADDRESS
IP address using dotted decimal notation that specifies the remote (“destination”) trusted network
or host.
S
UBNET MASK
The subnet mask identifies a subnetwork. The value of the mask determines which part of the 32-
bit IP address is the “network” address. For example, if you have an IP address of 197.4.2.2 and
specify a 16-bit mask, the system recognizes the subnetwork as 197.4.0.0. The last two bytes (i.e., the
last 16 bits) of the IP address are ignored.
The Subnet mask is specified by entering the number of contiguous bits that are set for the mask.
The mask bits start at the most significant bit of the IP address field and proceed to the least
significant bit. A subnet mask of 255.255.255.255 equals 32 bits; a subnet mask of 255.255.255.0
equals 24 bits, and so on.
G
ATEWAY/ROUTER IP ADDRESS
IP address using dotted decimal notation that provides access to (i.e., encryption and decryption
for) the remote trusted (sub-) network or host. The IP address of the gateway must be on the (sub)
network connected to a defined interface.
S
OURCE IP ADDRESS
IP address using dotted decimal notation that specifies the local (“source”) trusted network or host.
S
ECURITY ASSOCIATION IV LENGTH MENU
The IV or Initial Value Length refers to the number of bits to be added to a soon-to-be encrypted
datagram in order to make proper encryption calculations. Your choices are 32 bits or 64 bits; 64 is
the default.
S
HARED SECRET ENCRYPTION KEY (IP NETWORK ENCRYPTION)
The shared secret key must be 64 bits (16 hexadecimal digits) in length. You must configure the
same shared secret on each CyberSWITCH node sharing this security association.
As opposed to a password, a shared secret is not sent across lines, and therefore is not susceptible
to interception. The shared secret is used to encrypt or decrypt data.
S
ECURITY ASSOCIATION AUTHENTICATION MENU (IP NETWORK ENCRYPTION)
This menu specifies whether or not to use an Authentication Header in addition to ESP encryption.
Choices are: No Authentication or Authentication using MD5.
A
UTHENTICATION USING MD5 (IP NETWORK ENCRYPTION)
Specifies Authentication Header (AH) implementation using the Message Digest 5 (MD5)
algorithm with 128-bit keys. AH can be enabled (with appropriate shared secret keys) for each
individual security association.
S
HARED SECRET AUTHENTICATION KEY (IP NETWORK ENCRYPTION)
The shared secret key must be 128 bits (32 hexadecimal digits) in length. You must configure the
same shared secret on each CyberSWITCH node sharing in authentication implementation.
Page view 234
1 2 ... 230 231 232 233 234 235 236 237 238 239 240 ... 728 729

Comments to this Manuals

No comments
  • Winbest Wintec Eurotool Api-audio Blue anatomy
  • Avocent Network switches OpenOffice.org General utility software HP Server barebones Ariens Snow throwers Sony WLAN access points
  • Canon Pixma MP560 Series Garmin GPSMAP 76S Ricoh Aficio 2045e Epson 450Wi Miele S177i
  • LG DP132 User Manual Brother MFC-235C User Manual Kenmore 99098 Owner's Manual Bauknecht FWM 9F4 User's Guide HP PROBOOK 4720S User Manual