Configuring an ipsec policy template, Configuring an ipsec, Policy template – H3C Technologies H3C SecPath F1000-E User Manual
Page 177
165
Item
Description
ESP Encryption
Algorithm
Select an encryption algorithm for ESP when the security protocol is ESP or AH-ESP.
Options include:
•
DES—Uses the DES algorithm and 56-bit keys for encryption. In FIPS mode, DES is not
supported and, if selected, does not take effect.
•
3DES—Uses the 3DES algorithm and 168-bit keys for encryption. In FIPS mode, 3DES
is not supported and, if selected, does not take effect.
•
AES128—Uses the AES algorithm and 128-bit keys for encryption.
•
AES192—Uses the AES algorithm and 192-bit keys for encryption.
•
AES256—Uses the AES algorithm and 256-bit keys for encryption.
•
Leave it null so the ESP performs no encryption. In FIPS mode, you must select both an
authentication algorithm and an encryption algorithm for ESP.
IMPORTANT:
•
Higher security means increased complexity and decreased speed. DES is sufficient
for general security requirements. Use 3DES if you require very high confidentiality
and security.
•
The ESP authentication and encryption algorithms cannot be both null.
Configuring an IPsec policy template
1.
Select VPN > IPSec > Policy-Template from the navigation tree to enter IPsec policy template
management page.
Figure 112 IPsec policy template list
2.
Click Add to enter the IPsec policy template configuration page.
3.
Configure an IPsec policy template as described in
.
4.
Click Apply.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS