Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4820T
411412413414415416417418419420
Internet Protocol Security (IPSec)
Internet protocol security (IPSec) is an end-to-end security scheme for protecting IP communications by authenticating and encrypting all
packets in a communication session. Use IPSec between hosts, between gateways, or between hosts and gateways.
IPSec is compatible with Telnet and FTP protocols. It supports two operational modes: Transport and Tunnel.
Transport mode — (default) Use to encrypt only the payload of the packet. Routing information is unchanged.
Tunnel mode — Use to encrypt the entire packet including the routing information of the IP header. Typically used when creating virtual
private networks (VPNs).
NOTE: Due to performance limitations on the control processor, you cannot enable IPSec on all packets in a communication
session.
IPSec uses the following protocols:
Authentication Headers (AH) — Disconnected integrity and origin authentication for IP packets
Encapsulating Security Payload (ESP)Condentiality, authentication, and data integrity for IP packets
Security Associations (SA) — Necessary algorithmic parameters for AH and ESP functionality
IPSec supports the following authentication and encryption algorithms:
Authentication only:
MD5
SHA1
Encryption only:
3DES
CBC
DES
ESP Authentication and Encryption:
MD5 & 3DES
MD5 & CBC
MD5 & DES
SHA1 & 3DES
SHA1 & CBC
SHA1 & DES
Conguring IPSec
The following sample conguration shows how to congure FTP and telnet for IPSec.
1 Dene the transform set.
CONFIGURATION mode
crypto ipsec transform-set myXform-seta esp-authentication md5 esp-encryption des
2 Dene the crypto policy.
CONFIGURATION mode
22
418 Internet Protocol Security (IPSec)