Specifications
4-20 WS2000 Wireless Switch System Reference Guide
3. Select the authentication and anti-replay method you wish to use for the tunnel from the AH
Authentication menu.
4. If either MD5 or SHA1 is the authentication type, specify an Inbound Authentication Encryption Key
and an Outbound Authentication Encryption Key. If MD5 is the authentication type, specify 32-
character hexadecimal keys. If SHA1 is the authentication type, specify 40-character hexadecimal keys.
5. Provide up to an eight-character hexadecimal values for the Inbound SPI and Outbound SPI fields
(minimum is 100). These fields are used to identify the inbound security association created by the AH
algorithm. These values must match the corresponding outbound and inbound SPI values (respectively)
configured on the remote security gateway. These values should also be unique across all tunnels on the
system.
6. Select the ESP Type from the menu.
7. If ESP or ESP with Authentication is enabled, select an Encryption Algorithm from the menu.
None Disables AH authentication and the rest of the fields in this area will not be active.
MD5 Enables the Message Digest 5 algorithm, which requires 128-bit (32-character hexadecimal)
authentication keys.
SHA1 Enables Secure Hash Algorithm 1, which requires 160-bit (40-character hexadecimal) keys.
None Disables ESP and the rest of the fields in this area will not be active.
ESP Enables Encapsulating Security Payload encryption for this tunnel.
ESP with
Authentication
Enables Encapsulating Security Payload encryption with authentication for this tunnel.
DES This option selects the DES encryption algorithm, which requires 64-bit (16-character
hexadecimal) keys.
3DES This option selects the 3DES encryption algorithm, which requires 192-bit (48-character
hexadecimal) keys. When creating keys for 3DES, the first 8 bytes cannot equal the sec-
ond 8 bytes, and the second 8 bytes cannot equal the third 8 bytes.