Viewing the ipsec proposal list, Querying ipsec proposals – H3C Technologies H3C Intelligent Management Center User Manual

Page 44

Advertising
background image

34

Transport mode—IPsec protects only the IP payload. It uses only the IP payload to calculate the AH

or ESP header, and inserts the calculated header between the original IP header and payload. If
you use ESP, an ESP trailer is also encapsulated. The transport mode is typically used for protecting

host-to-host or host-to-gateway communications.

Table 4

shows how the security protocols encapsulate an IP packet in different encapsulation modes.

Table 4 Security protocol encapsulation in different modes

Security

protocol Transport mode

Tunnel mode

AH

ESP

AH+ESP

Viewing the IPsec proposal list

1.

Click the Service tab.

2.

From the navigation tree, select IPsec VPN Manager > Security Proposals > IPsec Proposals. The
IPsec Proposal List displays all IPsec proposals.
IPsec Proposal List contents

{

Name—IPsec proposal name. Click the name to view the IPsec proposal details.

{

Encapsulation—Mode in which the IPsec packets are encapsulated, Transport or Tunnel.

{

Security Protocol—Security protocols used by the IPsec proposal, AH, ESP, or AH+ ESP.

{

AH AuthN—AH authentication algorithm used by the IPsec packets when the security protocol
is AH or AH+ESP. Options are MD5 and SHA-1.

{

ESP AuthN—ESP authentication algorithm used by the IPsec packets when the security protocol
is ESP or AH+ESP. Options are MD5, SHA-1, and None.

{

ESP Encryt—ESP encryption algorithm used by the IPsec packets when the security protocol is
ESP or AH+ESP. Options are DES, 3DES, AES(128), AES(192), AES(256), and None.

{

Modify—Click the Modify icon

to modify the settings of the IPsec proposal.

Querying IPsec proposals

1.

Click the Service tab.

2.

From the navigation tree, select IPsec VPN Manager > Security Proposals > IPsec Proposals.
The IPsec Proposal List displays all IPsec proposals.

3.

Enter the name of the IPsec proposal you want to search for. IVM supports fuzzy matching for this
field.

4.

Click Query.
The IPsec Proposal List displays all IPsec proposals matching the query criteria. Click Reset to clear
the query criteria and display all IPsec proposals.

Advertising
Popular Brands
Popular manuals