Instruction manual
NetVanta 2000 Series System Manual Section 4, User Interface Guide
61200361L1-1E © 2002 ADTRAN, Inc. 67
20 bytes. Enter 16 or 20 characters (depending on authentication algorithm) and the NetVanta 2000 series
will use the ASCII of each character to create the hex bytes needed for the algorithm.This key value should
match to the corresponding outbound key value on the remote end SG.
IN SPI - is SPI value for identifying the inbound SA created by this AH transform. This should match with
the corresponding outbound SPI value configured on the remote end SG. For AH, values entered for the
SPI are interpreted and used as hex by the NetVanta 2000 series.
OUT K
EY
- is HMAC key used for computing ICV on the outbound traffic with the selected authentication
algorithm. Length of this key for MD5 must be 16 bytes, and for SHA1 it must be 20 bytes. Enter 16 or 20
characters (depending on authentication algorithm) and the NetVanta 2000 series will use the ASCII of
each character to create the hex bytes needed for the algorithm. This key value should match to the
corresponding inbound key value on the remote end SG.
OUT SPI - is SPI value for identifying the outbound SA created by this AH transform. This should match
with the corresponding inbound SPI value configured on the remote end SG. For AH, values entered for
the SPI are interpreted and used as hex by the NetVanta 2000 series.
ESP Configuration
E
NCRYPTION
- drop down menu allows you to enable or disable ESP transform for this VPN policy. You
can select the ESP mode also with this menu. The NetVanta 2000 series supports plain ESP and ESP with
Authentication.
ESP A
LGORITHM
- allows you to choose the encryption algorithm for this VPN policy. Two options are
available - one is DES other is 3DES; DES is the default value.
A
UTH
A
LGORITHM
- allows you to configure authentication algorithm if you enable ESP with
Authentication mode. You can choose one from MD5 or SHA1. MD5 is the default value.
IN SPI - is SPI value for identifying the inbound SA created by this ESP transform. For ESP, values entered
for the SPI are interpreted and used as decimal data. This should match with the corresponding outbound
SPI value configured on the remote end SG.
IN A
UTH
K
EY
- is HMAC key used for computing ICV on the inbound traffic with the selected
authentication algorithm if ESP with Authentication mode is configured. Length of this key for MD5 must
be 16 bytes, and for SHA1 it must be 20 bytes. Enter 16 or 20 characters (depending on authentication
algorithm) and the NetVanta 2000 series will use the ASCII of each character to create the hex bytes
needed for the algorithm. This key value should match to the corresponding outbound key value on the
remote end SG.
OUT SPI - is SPI value for identifying the outbound SA created by this ESP transform. For ESP, values
entered for the SPI are interpreted and used as decimal data This should match with the corresponding
inbound SPI value configured on the remote end SG.
OUT A
UTH
K
EY
- is HMAC key used for computing ICV on the outbound traffic with the selected
authentication algorithm if ESP with Authentication mode is configured. Length of this key for MD5 must
be 16 bytes, and for SHA1 it must be 20 bytes. Enter 16 or 20 characters (depending on authentication