Security associations, 59 create ip security association dialog box – HP H-series Enterprise Fabric Management Suite Software User Manual

106 Managing Switches

Security associations

A security association defines the encryption algorithm and encryption key to apply when called by a security policy. A security policy may call several associations at different times, but each association is related to only one policy. The security association database is the set of all security associations. IP Security configurations can be complex: it is possible to unintentionally configure policies and associations that isolate a switch from all communication. If this happens, you can disable IP security by placing the switch in maintenance mode, and correct the problem through the serial port interface.

To create an association, click Add on the Security Association Database side of the IPsec Configuration dialog box. This opens the Create IPsec Security Association dialog box (Figure 59). Table 18 describes the fields in the Create IP Security Association dialog box.

Figure 59 Create IP Security Association dialog box

Table 18 Create IP Security Association dialog box fields

| Field | Description |
|---|---|
| Name | Association name |
| Description | Association description |
| Source Address | IP address (version 4 or 6) or DNS host name of the host, switch, or gateway from which data originates |
| Destination Address | IP address (version 4 or 6) or DNS host name of the host, switch, or gateway receiving data. If you specified an IP address for the Source Address, the Destination Address must use the same IP version format. |
| Protocol | IP security protocol to be used to process data. The protocol can be one of the following: Encapsulated Security Payload (esp); Encapsulated Security Payload (esp-old); Authentication Header (ah); Authentication Header (ah-old) |
| SPI | Security parameters index number |
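
The constraints stated above (one policy per association, matching IP versions, and the protocol values in Table 18) can be checked on a planned set of associations before they are entered in the dialog box. The following Python code is an added example, not part of the HP manual or the switch software; the record layout and the field names `name`, `policy`, `source`, `destination` and `protocol` are assumptions, and the sample records are constructed.

```python
import ipaddress

# Protocol values listed in Table 18.
PROTOCOLS = {"esp", "esp-old", "ah", "ah-old"}

def ip_version(addr):
    """Return 4 or 6 for an IP literal, None for a DNS host name."""
    try:
        return ipaddress.ip_address(addr).version
    except ValueError:
        return None

def check_associations(records):
    """Return (association name, problem) pairs for a list of SA records."""
    problems = []
    policy_of = {}  # association name -> first policy seen calling it
    for sa in records:
        name = sa["name"]
        if sa["protocol"] not in PROTOCOLS:
            problems.append((name, "protocol not in Table 18"))
        src = ip_version(sa["source"])
        dst = ip_version(sa["destination"])
        # Host names are not resolved; only literal addresses are compared.
        if src is not None and dst is not None and src != dst:
            problems.append((name, "IP version mismatch"))
        # Each association is related to only one policy.
        first = policy_of.setdefault(name, sa["policy"])
        if first != sa["policy"]:
            problems.append((name, "called by more than one policy"))
    return problems

# Constructed sample records (hypothetical layout, not a switch export).
SAMPLE = [
    {"name": "sa1", "policy": "p1", "source": "10.0.0.5",
     "destination": "10.0.0.9", "protocol": "esp"},
    {"name": "sa2", "policy": "p1", "source": "10.0.0.5",
     "destination": "fd00::9", "protocol": "ah"},
    {"name": "sa3", "policy": "p2", "source": "host-a.example",
     "destination": "10.0.0.9", "protocol": "esp-new"},
    {"name": "sa1", "policy": "p2", "source": "10.0.0.5",
     "destination": "10.0.0.9", "protocol": "esp"},
]

if __name__ == "__main__":
    for name, problem in check_associations(SAMPLE):
        print(name, problem)
```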
