Nortel Networks NN46120-104 User Manual
Page 62
62
Initial Setup
labeled CODE-SO and CODE-USER respectively will make this
procedure easier.
(
new
setup, continued)
Should new or existing CODE iKeys be used?
(new/existi
ng) [new]:
<press ENTER to select new>
Verify that CODE-SO iKey (black) is inserted in card 0
(with flashing LED).
Hit enter when done.
Verify that HSM-USER iKey (blue) is inserted in card 0
(with flashing LED).
Hit enter when done.
Verify that CODE-USER iKey (black) is inserted in card 0
(with flashing LED).
Hit enter when done.
Wrap key successfully split from card 0.
Note: Unlike the HSM-SO and the HSM-USER iKeys, the
CODE-SO and CODE-USER iKeys are not specific for each
HSM card. Instead, the CODE-SO and CODE-USER iKeys
are specific for each cluster of ASA 310-FIPS units. Therefore,
if you have more than one cluster of ASA 310-FIPS units, you
need to take steps so that you can identify to which cluster a
pair of CODE-SO and CODE-USER iKeys is associated.
7
Transfer the cluster wrap key from the CODE-SO and
CODE-USER iKeys onto HSM card 1.
(
new
setup, continued)
Verify that CODE-SO iKey (black) is inserted in card 1
(with flashing LED).
Hit enter when done.
Verify that HSM-USER iKey (blue) is inserted in card 1
(with flashing LED).
Hit enter when done.
Verify that CODE-USER iKey (black) is inserted in card 1
(with flashing LED).
Hit enter when done.
Wrap key successfully combined to card 1.
8
If you have selected FIPS mode as the security mode, define
a passphrase.
If you selected FIPS mode prior to initializing HSM card 0 (
), you will also be asked to define a passphrase. Make sure
you remember the passphrase as you will be prompted for the
same passphrase when adding other ASA 310-FIPS units to the
Nortel VPN Gateway
User Guide
NN46120-104
02.01
Standard
14 April 2008
Copyright © 2007-2008 Nortel Networks
.