Black Box EncrypTight, ET0010A, ET0100A, ET1000A

Table of Contents

EncrypTight User Guide 11

Interface Configuration.......................................................................................................................301

Management Port Addressing .....................................................................................................302

IPv4 Addressing ....................................................................................................................303

IPv6 Addressing ....................................................................................................................304

Auto-negotiation - All Ports..........................................................................................................305

Remote and Local Port Settings ..................................................................................................306

Transparent Mode.................................................................................................................306

Local and Remote Port IP Addresses ...................................................................................307

Transmitter Enable................................................................................................................308

DHCP Relay IP Address .......................................................................................................309

Ignore DF Bit .........................................................................................................................310

Reassembly Mode ................................................................................................................310

Trusted Hosts.....................................................................................................................................311

SNMP Configuration ..........................................................................................................................313

System Information......................................................................................................................313

Community Strings ......................................................................................................................314

Traps ...........................................................................................................................................315

SNMPv2 Trap Hosts.................................................................................................................... 316

SNMPv3 ......................................................................................................................................316

Generating the Engine ID......................................................................................................318

Retrieving and Exporting Engine IDs ....................................................................................318

Configuring the SNMPv3 Trap Host Users ...........................................................................319

Logging Configuration ........................................................................................................................321

Log Event Settings ......................................................................................................................322

Defining Syslog Servers ..............................................................................................................323

Log File Management..................................................................................................................324

Advanced Configuration.....................................................................................................................325

Path Maximum Transmission Unit...............................................................................................326

Non IP Traffic Handling ...............................................................................................................327

CLI Inactivity Timer......................................................................................................................327

Password Strength Policy............................................................................................................327

XML-RPC Certificate Authentication ........................................................................................... 328

SSH Access to the ETEP ............................................................................................................329

SNTP Client Settings...................................................................................................................329

IKE VLAN Tags ...........................................................................................................................329

OCSP Settings ............................................................................................................................330

Certificate Policy Extensions .......................................................................................................330

Features Configuration....................................................................................................................... 330

FIPS Mode...................................................................................................................................331

Enabling FIPS Mode .............................................................................................................331

Disabling FIPS ......................................................................................................................332

Verifying FIPS Status on the ETEP.......................................................................................332

EncrypTight Settings ...................................................................................................................333

Encryption Policy Settings ...........................................................................................................334

Working with Policies .........................................................................................................................334

Using EncrypTight Distributed Key Policies ................................................................................ 335

Creating Layer 2 Point-to-Point Policies......................................................................................335

Selecting a Role ....................................................................................................................337

Using Preshared Keys for IKE Authentication....................................................................... 337

Using Group IDs....................................................................................................................337

Selecting the Traffic Handling Mode .....................................................................................338

How the ETEP Encrypts and Authenticates Traffic...............................................................338