EasyManuals Logo
Home>HP>Network Router>FlexNetwork MSR2003

HP FlexNetwork MSR2003 User Manual

HP FlexNetwork MSR2003
517 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #355 background imageLoading...
Page #355 background image
341
Specifying authentication and encryption algorithms for the
VAM server
The VAM server uses the specified algorithms to negotiate with the VAM client.
The VAM server and client use SHA-1 and AES-CBC-128 during connection initialization, and use
the negotiated algorithms after connection initialization.
The algorithm specified earlier in a command line has a higher priority. The configuration of the
commands that specify authentication and encryption algorithms does not affect registered VAM
clients. It applies to subsequently registered VAM clients.
To specify authentication and encryption algorithms for the VAM server:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enter ADVPN domain view.
vam server advpn-domain
domain-name [
id
domain-id ]
N/A
3. Specify authentication
algorithms.
authentication-algorithm
{
aes-xcbc-mac
|
md5
|
none
|
sha-1
|
sha-256
} *
The default authentication
algorithm is SHA-1.
4. Specify encryption
algorithms.
encryption-algorithm
{
3des-cbc
|
aes-cbc-128
|
aes-cbc-192
|
aes-cbc-256
|
aes-ctr-128
|
aes-ctr-192
|
aes-ctr-256
|
des-cbc
|
none
} *
The default encryption algorithms
are AES-CBC-256,
AES-CBC-192, AES-CBC-128,
AES-CTR-256, AES-CTR-192,
AES-CTR-128, 3DES-CBC, and
DES-CBC in descending order of
priority.
Configuring an authentication method
The VAM server uses the specified method to authenticate clients in the ADVPN domain. The VAM
server supports PAP and CHAP authentication.
If the specified ISP domain does not exist, the authentication will fail. A newly configured
authentication method does not affect registered VAM clients. It applies to subsequently registered
VAM clients.
To configure an authentication method:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enter ADVPN domain view.
vam server advpn-domain
domain-name [
id
domain-id ]
N/A
3. Specify an authentication
method.
authentication
-
method
{
none
|
{
chap
|
pap
} [
domain
isp-name ] }
By default, the authentication
method is CHAP, and the default
domain is used.
Configuring keepalive parameters
Keepalive parameters include a keepalive interval and a maximum number of keepalive retries. The
VAM server assigns the configured keepalive parameters to clients in the ADVPN domain.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP FlexNetwork MSR2003 and is the answer not in the manual?

HP FlexNetwork MSR2003 Specifications

General IconGeneral
BrandHP
ModelFlexNetwork MSR2003
CategoryNetwork Router
LanguageEnglish

Related product manuals