Nortel Networks NN46120-104 User Manual
Page 67
Adding an ASA 310-FIPS to an Existing Cluster
67
Enter a new HSM-USER password for card 1: <define a new
HSM-USER password, or use the same HSM-USER password as
for card 0>
Re-enter to confirm:
The HSM-USER iKey has been updated.
Card 1 successfully initialized.
5
Transfer the cluster wrap key from the CODE-SO and
CODE-USER iKeys onto HSM card 0.
and
are related to transferring the cluster wrap key
onto the two HSM cards in the ASA 310-FIPS you are adding
to the cluster. The wrap key is transferred onto each HSM card
in two steps, where each half of the cluster wrap key stored on
the two black CODE-SO and CODE-USER iKeys is loaded and
combined on the HSM card in the new ASA 310-FIPS cluster
member.
To successfully load and combine the cluster wrap key onto the
HSM cards, you need the following:
•
The two black HSM Code iKeys, labeled "CODE-SO" and
"CODE-USER" respectively, that you used when installing the
first ASA 310-FIPS in the cluster.
If you have more than one cluster of ASA 310-FIPS units, make
sure that you can identify to which cluster the pair of CODE
iKeys are associated. The cluster wrap key that is split and
stored on the two CODE iKeys is specific for each cluster of ASA
310-FIPS units.
(
join
setup, continued)
Verify that CODE-SO iKey (black) is inserted in card 0
(with flashing LED). <insert the same CODE-SO iKey that
you used when installing the first
ASA 310-FIPS
in the
cluster>
Hit enter when done.
Verify that HSM-USER iKey (blue) is inserted in card 0
(with flashing LED).
Hit enter when done.
Verify that CODE-USER iKey (black) is inserted in card
0 (with flashing LED). <insert the same CODE-USER
iKey that you used when installing the very first ASA
310-FIPS in the cluster>
Hit enter when done.
Wrap key successfully combined to card 0.
6
Transfer the cluster wrap key from the CODE-SO and
CODE-USER iKeys onto HSM card 1.
Nortel VPN Gateway
User Guide
NN46120-104
02.01
Standard
14 April 2008
Copyright © 2007-2008 Nortel Networks
.