question on manual keying - Network

This is a discussion on question on manual keying - Network ; Hi Could someone help on the manual keying issue! I did some search in Microsoft.com and find only one technical doc on how to configuring manual keying and the contents don't look complete. The article(using manual keying for link local ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: question on manual keying

  1. question on manual keying

    Hi

    Could someone help on the manual keying issue! I did some search in
    Microsoft.com and find only one technical doc on how to configuring manual
    keying and the contents don't look complete. The article(using manual keying
    for link local connection) is
    http://technet2.microsoft.com/window...spx?mfr=trueat

    I was able to follw the article to configure the test.spd and test.sad
    files. But could not figure out the format of the key files. I tried to put
    only manul keying there in hexdecimal format or just follow the article to
    put "This is a test". I got error message saying Bad authenication algorithm
    value entry in the key file. I also tried to put some algorithm string in
    front of the key but failed with sma e error message.
    Thank you!

    Tinghua

  2. RE: question on manual keying

    There is no supported production method for manual keying in GUI or command
    line for manual IPsec SAs in any release since Win2k. The IPv6 IPsec
    implementation in XPSP2 and WS03 provided a method for testing IPsec using
    manual IPsec SA configurations. But I remember reading somewhere that only
    Vista & Server 2008 have "production" capable IPv6 implementation. The IPsec
    GUI & command line for IPv6 in Vista does not support manual SAs.

    However, you might check the Vista SDK Windows Firewall APIs for support of
    APIs that can provide SPI, algorithms & keys for IPsec SAs. It might be
    discussed as an API for an alternate IPsec keying module. I haven't looked
    specifically for how to do this yet.

    "Tinghua" wrote:

    > Hi
    >
    > Could someone help on the manual keying issue! I did some search in
    > Microsoft.com and find only one technical doc on how to configuring manual
    > keying and the contents don't look complete. The article(using manual keying
    > for link local connection) is
    > http://technet2.microsoft.com/window...spx?mfr=trueat
    >
    > I was able to follw the article to configure the test.spd and test.sad
    > files. But could not figure out the format of the key files. I tried to put
    > only manul keying there in hexdecimal format or just follow the article to
    > put "This is a test". I got error message saying Bad authenication algorithm
    > value entry in the key file. I also tried to put some algorithm string in
    > front of the key but failed with sma e error message.
    > Thank you!
    >
    > Tinghua


+ Reply to Thread