beautypg.com

Enterasys Networks CSX6000 User Manual

Page 233

background image

Central Site Remote Access Switch 233

C

ONFIGURING

E

NCRYPTION

Configuration

Note:

For the Final Destination and Source IP addresses, you may enter the entire address (i.e.,
197.1.2.2 vs. 197.1.0.0); however, the subnet mask will determine how many significant bits
the system will actually consider.

5.

The next series of questions pertain to the Authentication Header. To implement an
Authentication Header, select Authentication using MD5, and provide a shared secret
authentication key. If you do not wish to use an Authentication Header, select No
Authentication
:

6.

Complete this IP Security configuration:

Refer to the Background Information section for a pertinent example of

IP Encryption

configuration.

U

SING

M

ANAGE

M

ODE

Not currently supported.

C

ONFIGURING

L

INK

L

AYER

E

NCRYPTION

(PPP E

NCRYPTION

O

NLY

)

Link Layer Encryption provides encryption capabilities for all protocols within a PPP environment.
This feature allows you to:

enable encryption for PPP devices,

select either an automatic key exchange or manually-configured keys, and then

for manual-key configuration, assign key values to devices to encrypt/decrypt datagrams

U

SING

CFGEDIT

1.

From the CFGEDIT Main Menu, select Security.

2.

Select Device Level Databases.

3.

Select On-node device entries.

4.

Follow on-screen instructions to enable device level security, and then add a new (or change an
existing) device. Refer to

Configuring Device Level Databases

for details.

5.

From the Device Table Menu, select Encryption. A menu similar to the following will be
displayed:

Security Association Authentication Menu:

1) No Authentication
2) Authentication using MD5
3) Id of Authentication to use [default = 1]? 2

Enter the Shared Secret Authentication Key for this Association:

Enter the Security Parameter Index (SPI) for this Security Association: 12345678

Select function from above or for previous menu:

This manual is related to the following products: