Brocade Mobility 7131 Access Point Product Reference Guide (Supporting software release 4.4.0.0 and later) User Manual

Brocade Mobility 7131 Access Point Product Reference Guide

223

53-1002517-01

6

AH Authentication

AH provides data authentication and anti-replay services for the VPN tunnel. Select the
required authentication method from the drop-down menu:

•

None - Disables AH authentication. The rest of the fields are not active.

•

MD5 - Enables the Message Digest 5 algorithm requiring 128-bit
(32-character hexadecimal) keys.

•

SHA1 - Enables Secure Hash Algorithm 1, requiring 160-bit (40-character
hexadecimal) keys.

Inbound AH
Authentication Key

Configure a key for computing the integrity check on inbound traffic with the selected
authentication algorithm. The key must be 32/40 (for MD5/SHA1) hexadecimal (0-9, A-F)
characters in length. The key value must match the corresponding outbound key on the
remote security gateway.

Outbound AH
Authentication Key

Configure a key for computing the integrity check on outbound traffic with the selected
authentication algorithm. The key must be 32/40 (for MD5/SHA1) hexadecimal (0-9, A-F)
characters in length. The key value must match the corresponding inbound key on the
remote security gateway.

Inbound SPI (Hex)

Enter an up to six-character hexadecimal value to identify the inbound security association
created by the AH algorithm. The value must match the corresponding outbound SPI value
configured on the remote security gateway.

Outbound SPI (Hex)

Provide an up to six-character hexadecimal value to identify the outbound security
association created by the AH algorithm. The value must match the corresponding inbound
SPI value configured on the remote security gateway.

ESP Type

ESP provides packet encryption, optional data authentication and anti-replay services for
the VPN tunnel. Use the drop-down menu to select the ESP type. Options include:

•

None - Disables ESP. The rest of the fields are not be active.

•

ESP - Enables ESP for the tunnel.

•

ESP with Authentication - Enables ESP with authentication.

ESP Encryption
Algorithm

Select the encryption and authentication algorithms for the VPN tunnel using the
drop-down menu.

•

DES - Uses the DES encryption algorithm requiring 64-bit (16-character
hexadecimal) keys.

•

3DES - Uses the 3DES encryption algorithm requiring 192-bit
(48-character hexadecimal) keys.

•

AES 128-bit - Uses the Advanced Encryption Standard algorithm with
128-bit (32-character hexadecimal) keys.

•

AES 192-bit - Uses the Advanced Encryption Standard algorithm with
192-bit (48-character hexadecimal) keys.

•

AES 256-bit - Uses the Advanced Encryption Standard algorithm with
256-bit (64-character hexadecimal) keys.

Inbound ESP
Encryption Key

Enter a key for inbound traffic. The length of the key is determined by the selected
encryption algorithm. The key must match the outbound key at the remote gateway.

Outbound ESP
Encryption Key

Define a key for outbound traffic. The length of the key is determined by the selected
encryption algorithm. The key must match the inbound key at the remote gateway.