Chapter 4
Configuration via the Command Line Interface
4.5 Connection Security Descriptor
What is ... All security parameters required to establish an IPSec tunnel are grouped into a string called Connection Security Descriptor. This descriptor contains the following parameters:
Encryption method
Message integrity method (also called message authentication)
Selection to use Perfect Forward Secrecy, or not
Lifetime of the Security Association
Encapsulation method.
The Connection Security Descriptor parameters are explained in section 4.5.1.
How is it used A Connection Security Descriptor is required as one of the parameters to successfully create an operational Connection. The Connection refers to the Connection Security Descriptor by its symbolic name.
A number of Peer Security Descriptors are
In this section The following topics are discussed in this section:
Topic | Page |
|
|
4.5.1 Connection Security Descriptor parameters | 128 |
|
|
4.5.2 List all Connection Security Descriptors | 131 |
|
|
4.5.3 Create a new Connection Security Descriptor | 132 |
|
|
4.5.4 Set the Connection Security Descriptor Parameters | 133 |
|
|
4.5.5 Delete a Connection Security Descriptor | 134 |
|
|
127 | |
|
