Owner's Manual

ManualsBrandsDell ManualsSoftwareDell OpenManage Network Manager Version 4.4

431

432

433

434

435

436

437

438

439

440

435

Editing / Creating an IP Security Term

The rule terms appear listed on the left. Use the

Add/Edit/Delete/Export

buttons in this portion of

the screen to manage them. The editor for terms appears in the right panel. Configure the match

criteria tab as in Match Criteria tab on page 425. In the

Action

tab, here are the fields you can

configure:

Remote Gateway

—Enter the IP address of the remote gateway.

Syslog

—Check if you want to syslog information about the packet.

SA Configuration

—Select from

manual

dynamic.

If you select

manual

the lowest panel in the

editor becomes active.

Clear - Do not

—Clear the do-not-fragment bit

IKE Policy

—Select from the pick list. See IKE Policy on page 432 for more about configuring the

contents of that list.

No-Anti-Replay

—Disable the anti-replay check.

IPSec Policy

—Select from the pick list. See IP Sec Policy on page 433 for more about configuring

the contents of that list.

Direction

—Select either

bidirectional

inbound-outbound

. If you select the latter, the

Outbound Parameters

tab in the lowest panel becomes active.

Inbound / Outbound Parameters

These tabs let you configure parameters for inbound and outbound traffic. You only need to

configure one tab (labelled simply

Parameters

) if the direction selected is

bidirectional

. Here are

the fields in these tabs:

Protocol

—Select from the pick list. Options include

(authentication header),

esp

(encapsulated security payload), and

bundle

(a combination of

and

esp

SPI—

Define the Security Parameter Index (256 - 16639)

Auxiliary SPI

—The ESP Security Parameter Index for IP Sec SA bundle.

Encryption

—Select the encryption algorithm from the pick list (

none, des-cbc,

and

3dec-cbc

and, if necessary its key in the field to the right of the pick list (check the right-hand checkbox

if the key is in

Hexadecimal

)

Authentication

—Select the authentication algorithm from the pick list (

none, des-cbc,

and

3dec-cbc

), and, if necessary its key in the field to the right of the pick list (check the right-

hand checkbox if the key is in

Hexadecimal

)

The

Configure

button at the bottom of the screen executes the desired configuration on the

selected equipment.Click the

Refresh

button to re-query for these items.