beautypg.com

HP StorageWorks 2000fc G2 Modular Smart Array User Manual

Page 67

background image

HP StorageWorks Simple SAN Connection Manager user guide

67

NOTE:

IPsec associations must be unique. The unique key for an association includes the fields

Destination Address, Protocol, and SPI. No two IPsec associations can contain duplicate values in

these three fields.

4.

To save the new IPsec association and close the IPsec Association dialog box, click OK. To abandon

creation of the IPsec association, click Cancel.

5.

When you are through managing security associations, select one of the following options:
• To save your changes and close the IPsec Configuration dialog box, click OK.
• To close the IPsec Configuration dialog box without saving any changes, click Cancel.

Authentication

Select one of the following methods to use to authenticate the source and

destination address:

HMAC-MD5—Hash Message Authentication Code Message-Digest

Algorithm 5

HMAC-SHA1—Hash Message Authentication Code Secure Hash Algorithm 1

HMAC-SHA256—Hash Message Authentication Code Secure Hash

Algorithm 1

AES-XCBC-MAC—Advanced Encryption Standard Extensions Cipher Block

Chaining Message Authentication Code

None—Do not authenticate source and destination address

Authentication Key

(xx)

Enter a string of hexadecimal bytes or a quoted string of characters that is

converted into hexadecimal ASCII bytes. The allowed lengths (indicated by xx in

the box label) for each authentication method are as follows:

For HMAC-MD5—16 bytes

For HMAC-SHA1—20 bytes

For HMAC-SHA256—32 bytes

For AES-XCBC-MAC—16 bytes

Encryption

(Required if you select ESP or ESP-old for the Protocol) Select one of the following

methods used to encrypt outbound data or decrypt inbound data:

DES-CBC—Data Encryption Standard Cipher Block Chaining

3DES-CBC—Triple Data Encryption Standard Cipher Block Chaining

NULL—NULL encryption algorithm

Blowfish-CBC—Blowfish Cipher Block Chaining

AES-CBC—Advanced Encryption Standard Cipher Block Chaining

Twofish-CBC—Twofish Cipher Block Chaining

Encryption Key (xx) (Required if you select ESP or ESP-old for the Protocol) Enter a string of bytes or a

quoted string of characters that is converted into hexadecimal ASCII bytes. The

allowed lengths (indicated by xx in the box label) for each encryption method

are as follows:

For DES-CBC—8 bytes

For 3DES-CBC—24 bytes

For NULL—no key required

For Blowfish CBC—5–56 bytes

For AES-CBC—16/24/32 bytes

For Twofish-CBC—16–32 bytes

This manual is related to the following products:
See also other documents in the category HP Storage: