Nortel Networks NN46120-104 User Manual

Page 65

Advertising
background image

Adding an ASA 310-FIPS to an Existing Cluster

65

new prompts for configuring the ASA 310-FIPS will automatically
appear (see

Step 3

).

3

Initialize HSM card 0 by inserting the first pair of HSM-SO
and HSM-USER iKeys, and by defining passwords.

Step 3

and

Step 4

are related to initializing the HSM cards

that your ASA 310-FIPS is equipped with. The Setup utility will
identify the first HSM card as card 0, and the second HSM
card as card 1. Make sure you have the required iKeys before
proceeding. To successfully initialize both HSM cards, you need
to have the following iKeys:

One pair of iKeys to be used for initializing HSM card 0.

— The purple HSM Security Officer iKey, embossed with

"HSM-SO".

— The blue HSM User iKey, embossed with "HSM-USER".

Label these iKeys and HSM card 0 in a way so that the
connection between them is obvious. After HSM card 0 has
been initialized, this card will only accept the HSM-SO and
HSM-USER iKeys used when initializing this particular HSM
card. Even if you choose to use the same HSM-SO and
HSM-USER passwords when you initialize card 1 as the
passwords you defined when initializing card 0, the HSM-SO
and HSM-USER iKeys for card 1 are not interchangeable with
the HSM-SO and HSM-USER iKeys for card 0.

One pair of iKeys to be used for initializing HSM card 1.

— The purple HSM Security Officer iKey, embossed with

"HSM-SO".

— The blue HSM User iKey, embossed with "HSM-USER".

Label these iKeys and HSM card 1 in a way so that the
connection between them is obvious. Because you will have
more than one ASA 310-FIPS device in the cluster, you must
also take steps to identify which pair of iKeys is used on
which HSM card on which device in the cluster.

You also need to make sure that you can easily access the
USB ports on the HSM cards, located on the rear of the ASA
310-FIPS device. When an operation requires inserting an
HSM iKey, a flashing LED will direct you to the USB port on the
correct HSM card.

Nortel VPN Gateway

User Guide

NN46120-104

02.01

Standard

14 April 2008

Copyright © 2007-2008 Nortel Networks

.

Advertising
Popular Brands
Popular manuals