Dell PowerConnect W-Airwave Configuration Manual

Also see for PowerConnect W-Airwave: User guide User guide Manual Manual Quick start guide

Contents

146 | Aruba Configuration Reference AirWave Wireless Management Suite | Configuration GuideClick Add to finish the new VPN Dialers profile, or click Save to complete the editing of an existing profile.You return to the VPN Dialers page. The new profile appears below the Add New VPN Dialer button.Security > PoliciesThe Security > Policies page displays all currently configured policies, to include the policy name, type, andcites the groups, user roles, and folders to which the security policy applies. To create a new policy, clickthe Add New Policy button. To edit an existing policy, click the pencil icon.The Security > Policy > Add New Policy page contains the following fields, as described in Table 59:IKE Diffie-HellmanGroup1024-bit (1) Select the IPSEC Mode Group that matches the Diffie Hellman Groupconfigured for the IPSEC policy. The two options are as follows:z 1024-bitz 768-bitThe IKE policy selections, along with the preshared key, need to be reflectedin the VPN configuration. Set the VPN configuration on clients to match thechoices made above. In case the Aruba dialer is used, these configurationneed to be made on the dialer prior to downloading the dialer onto the localclient.IKE HashAlgorithmSHA Set the IKE Hash Algorithm to either SHA or MD5, to match the IKE policy forIPSEC.IKE Authentication Pre-Shared IKE Phase 1 authentication can be done with either an IKE preshared key ordigital certificates. This establishes how the client is authenticated with theinternal database on the controller.The options are Pre-Shared Keys or RSA Signatures.IPSEC Lifetime 7200 Define the IPSEC lifetime in seconds, after which a new IPSEC key isrequired.IPSEC DiffieHellman Group1024-bit (1) Select the IPSEC Mode Group that matches the Diffie Hellman Groupconfigured for the IKE policy. The two options are as follows:z 1024-bitz 768-bitThe IPSEC policy selections, along with the preshared key, need to bereflected in the VPN configuration. Set the VPN configuration on clients tomatch the choices made above. In case the Aruba dialer is used, theseconfiguration need to be made on the dialer prior to downloading the dialeronto the local client.IPSEC Encryption 168-bit 3DES Specify the type of IPSEC encryption to support for the VPN. Options are asfollows:z Encapsulating Security Payload (ESP) with 168-bit 3DESz ESP with 56-bit DESIPSEC HashAlgorithmSHA Set the IKE Hash Algorithm to either SHA or MD5, to match the IKE policy forIKE Hash Algorithm.Table 59 Security > Policy > Add New Policy Field DescriptionsField DescriptionGeneral SettingsFolder Top Use this field to set and display the folder with which the policy isassociated. The drop-down menu displays all folders available forassociation with the policy.Table 58 Security > User Roles > Add VPN Dialer Field Descriptions (Continued)Field Default Description