HP StorageWorks 2000fc G2 Modular Smart Array User Manual

Page 72

Advertising
background image

72

Managing switches

NOTE:

IPsec policies must be unique. The unique key for a policy includes the fields Source

Address, Source Port, Source Prefix Length, Destination Address, Destination Port, Destination Prefix

Length, Protocol, ICMP IPv6 Type (if specified), and Direction. No two IPsec associations can

contain duplicate values in these nine fields.

Protocol

Select one of the following protocols or applications to which to apply IP

security:

ICMP—Internet Control Message Protocol

ICMP6—Internet Control Message Protocol for IPv6

IP4—Internet Protocol, version 4

TCP—Transmission Control Protocol

UDP—User Datagram Protocol

Any—Any protocol

Or enter a number in the range of 0 to 255.
If you select ICMP6, you must also enter a value in the ICMP IPv6 Type box.

ICMP IPv6 Type

(Required if you select ICMP6 for the Protocol) In the ICMP IPv6 Type box, enter

a number in the range of 0 to 255.

Direction

Select the direction of data traffic to which to apply the policy:

In—Data entering the destination

Out—Data leaving the source

Priority

To control the relative ordering of this policy within the SPD, enter an integer in

the range of –2147483647 to 214783647.

Action

Specify the processing to apply to data traffic:

Discard—Unconditionally disallow all inbound or outbound data traffic

None—Allow all inbound or outbound data traffic without encryption or

decryption

IPsec—Apply IP security to inbound and outbound data traffic

Protection Desired

(Required if you select IPsec for the Action) Select the type of IP security

protection to apply:

AH—Authentication Header

ESP—Encapsulating Security Payload

Both—Apply both AH and ESP protection

AH Level Rule

(Required if you select AH or Both for the Protection) Select the rule level to apply

for AH protection:

Default—For Linux, the default is Use. For Windows, the default is Require.

Use—If corresponding SAD entry is found, use IPsec. If corresponding SAD

entry is not found, do not use IPsec.

Require—If corresponding SAD is entry found, use IPsec. If corresponding

SAD entry is not found, do not communicate at all.

ESP Level Rule

(Required if you select ESP or Both for the Protection) Select the rule level to apply

for ESP protection:

Default—For Linux, the default is Use. For Windows, the default is Require.

Use—If corresponding SAD entry is found, use IPsec. If corresponding SAD

entry is not found, do not use IPsec.

Require—If corresponding SAD is entry found, use IPsec. If corresponding

SAD entry is not found, do not communicate at all.

Advertising
This manual is related to the following products:

StorageWorks 1000 Modular Smart Array, 8.20q Fibre Channel Switch, 2000fc Modular Smart Array

Popular Brands
Popular manuals