HP StorageWorks Enterprise File Services WAN Accelerator User Manual

HP EFS WAN A

CCELERATOR

M

ANAGER

U

SER

’

S

G

UIDE

91

3 -
S

ET
TI

N

G

U

P

R

EM
O

T

E

HP

EF
S W

A

N A

CC
ELE

RAT

OR
S

4. Use the controls to view or modify the configuration, as described in the following

table.

5. To save the settings permanently, click Save.

To revert to the running configuration, click Reset.

Control

Description

Settings will be applied to
appliance

Select the appliance for which you want to view or modify the configuration from the
drop-down list.

Add New Peer

Peer IP. Type the IP address for the peer appliance.

Add Peer. To add the peer specified in the Peer IP box, click Add Peer.

If IPsec is enabled on this appliance, then it must also be enabled on all appliances in the
IP security peers list, otherwise this appliance will not be able to make optimized
connections with those peers.

Remove Selected Peers. To remove a peer from the peer list, click the check box next to
the name and click Remove Selected Peers.

Authentication and Encryption
Settings

Check one of the following options:

• Enable Authentication and Encryption. Check this box to enable authentication

between appliances.

• Enable Perfect Forward Secrecy. Check this box if you want to provide additional

security by renegotiating keys at specified intervals. Perfect Forward Secrecy provides
additional security by renegotiating keys at specified intervals. With PFS, if one key is
compromised, subsequent keys are secure because they are not derived from previous
keys.

Encryption Policy. Select one of the following methods from the Method One drop-
down list:

• DES. Data Encryption Standard. DES is the default.

• NULL. Specifies the null encryption algorithm.

Optionally, select DES, NULL, or None from the Method Two drop-down list.

Authentication Policy. Select one of the following methods from the Method One drop-
own list:

• MD5. Message-Digest algorithm. MD5 is a widely-used cryptographic hash function

with a 128-bit hash algorithm. MD5 is the default.

• SHA-1. Secure Hash Algorithm. SHA-1 is a set of related cryptographic hash

functions. SHA-1 is considered to be the successor to MD5.

Optionally, select MD5, SHA-1, or None from the Method Two drop-down list.

Time Between Key Renegotiations. Type a number to set the set number of minutes
between quick-mode renegotiation of keys using Internet Key Exchange (IKE). IKE uses
public key cryptography to provide the secure transmission of a secret key to a recipient
so that the encrypted data can be decrypted at the other end. The default value is 240
minutes.

Enter the Shared Secret. Type the shared secret in the text box. All the appliances in a
network for which you want to use IPsec must have the same shared secret.

Update Settings. If you change any of the Authentication and Encryption Settings, Click
Update Settings to apply your settings to the running configuration.