Symbol Technologies AP-5131

Configuring Access Point Security 6-41

The Inbound and Outbound SPI settings are required to be interpolated to function correctly. For example:AP1 Inbound SPI = 800AP1 Outbound SPI = 801

Inbound ESP

Encryption Key

Enter a key for inbound traffic. The length of the key is determined

by the selected encryption algorithm. The key must match the

outbound key at the remote gateway.

Outbound ESP

Encryption Key

Define a key for outbound traffic. The length of the key is

determined by the selected encryption algorithm. The key must

match the inbound key at the remote gateway.

ESP Authentication

Algorithm

Select the authentication algorithm to use with ESP. This option is

available only when ESP with Authentication was selected for

the ESP type. Options include:

• MD5 - Enables the Message Digest 5 algorithm, which

requires 128-bit (32-character hexadecimal) keys.

• SHA1 - Enables Secure Hash Algorithm 1, which requires

160-bit (40-character hexadecimal) keys.

Inbound ESP

Authentication Key

Define a key for computing the integrity check on the inbound

traffic with the selected authentication algorithm. The key must be

32/40 (for MD5/SHA1) hexadecimal (0-9, A-F) characters in length.

The key must match the corresponding outbound key on the remote

security gateway.

Outbound ESP

Authentication Key

Enter a key for computing the integrity check on outbound traffic

with the selected authentication algorithm. The key must be 32/40

(for MD5/SHA1) hexadecimal (0-9, A-F) characters in length. The

key must match the corresponding inbound key on the remote

security gateway.

Inbound SPI (Hex) Define an up to six-character (maximum) hexadecimal value to

identify the inbound security association created by the encryption

algorithm. The value must match the corresponding outbound SPI

value configured on the remote security gateway.

Outbound SPI (Hex) Enter an up to six (maximum) hexadecimal value to identify the

outbound security association created by the encryption algorithm.

The value must match the corresponding inbound SPI value

configured on the remote security gateway.