![background image](http://html1.mh-extra.com/html/3com/vcx-v7122/vcx-v7122_user-manual_440856335.webp)
V7122 Gateway User Guide
335
IPSec
IPSec is responsible for encrypting and decrypting the IP streams.
The IPSec Security Policy Database (SPD) table defines up to 20 IP peers to which the
IPSec security is applied. IPSec can be applied to all packets designated to a specific IP
address or to a specific IP address, port (source or destination) and protocol type.
Each outgoing packet is analyzed and compared to the SPD table. The packet's destination
IP address (and optionally, destination port, source port and protocol type) are compared to
each entry in the table. If a match is found, the gateway checks if an SA already exists for
this entry. If it doesn’t, the IKE protocol is invoked (see
IKE
) and an IPSec SA is established.
The packet is encrypted and transmitted. If a match isn’t found, the packet is transmitted un-
encrypted.
An incoming packet whose parameters match one of the entries of the SPD table
but is received un-encrypted, is dropped.
IPSec specifications:
Transport mode only.
Encapsulation Security Payload (ESP) only.
Support for Cipher Block Chaining (CBC).
Supported IPSec SA encryption algorithms – DES, 3DES and AES.
Hash types for IPSec SA are SHA1 and MD5.
Configuring the IPSec and IKE
To enable IPSec and IKE on the gateway set the
ini
file parameter ‘EnableIPSec’ to 1.
IKE Configuration
The parameters described in
Table 68
are used to configure the first phase (main mode) of
the IKE negotiation for a specific peer. A different set of parameters can be configured for
each of the 20 available peers.
Summary of Contents for VCX V7122
Page 28: ...28 V7122 GatewayUser Guide ...
Page 39: ...V7122 Gateway User Guide 39 Reader s Notes ...
Page 40: ...40 V7122 GatewayUser Guide ...
Page 58: ...58 V7122 GatewayUser Guide Reader s Notes ...
Page 66: ...66 V7122 GatewayUser Guide Reader s Notes ...
Page 144: ...144 V7122 GatewayUser Guide Reader s Notes ...
Page 239: ...V7122 Gateway User Guide 239 Reader s Notes ...
Page 240: ...240 V7122 GatewayUser Guide ...
Page 246: ...246 V7122 GatewayUser Guide Reader s Notes ...
Page 270: ...270 V7122 GatewayUser Guide Reader s Notes ...
Page 287: ...V7122 Gateway User Guide 287 Reader s Notes ...
Page 288: ...288 V7122 GatewayUser Guide ...
Page 294: ...294 V7122 GatewayUser Guide Reader s Notes ...
Page 300: ...300 V7122 GatewayUser Guide Figure 88 Gateway s Startup Process ...
Page 315: ...V7122 Gateway User Guide 315 Reader s Notes ...
Page 316: ...316 V7122 GatewayUser Guide ...
Page 332: ...332 V7122 GatewayUser Guide Reader s Notes ...
Page 358: ...358 V7122 GatewayUser Guide Reader s Notes ...
Page 362: ...362 V7122 GatewayUser Guide Reader s Notes ...
Page 389: ...V7122 Gateway User Guide 389 Reader s Notes ...
Page 390: ...390 V7122 GatewayUser Guide ...
Page 398: ...398 V7122 GatewayUser Guide Reader s Notes ...
Page 406: ...406 V7122 GatewayUser Guide Reader s Notes ...
Page 408: ...408 V7122 GatewayUser Guide Reader s Notes ...
Page 409: ...V7122 Gateway User Guide 409 ...
Page 419: ...V7122 Gateway User Guide 419 Reader s Notes ...
Page 437: ...V7122 Gateway User Guide 437 Reader s Notes ...
Page 452: ...452 V7122 GatewayUser Guide Figure 137 UDP2File Utility ...
Page 453: ...V7122 Gateway User Guide 453 Reader s Notes ...
Page 459: ...V7122 Gateway User Guide 459 Reader s Notes ...
Page 475: ...V7122 Gateway User Guide 475 ...