Brocade Mobility RFS7000-GR Controller System Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual

Brocade Mobility RFS7000-GR Controller System Reference Guide

393

53-1001944-01

Configuring IPSec VPN

6

1. Select Security > IPSec VPN from the main menu tree.

2. Click the Crypto Maps tab and select Crypto Map Entries.

3. Review the following Crypto Map attributes to determine if an existing Crypto Map requires

revision, deletion or if a new Crypto Map needs to be created.

4. Select an existing Crypto Map and click the Edit button to modify the Crypto Map’s attributes.

If an entire Crypto Map requires revision, consider deleting the Crypto Map and creating a new
one using the Add function.

Refer to the definitions supplied for the Add Crypto Map screen (on the next page) to ascertain
the requirements for editing a Crypto Map.

Priority / Seq

Displays the numerical priority assigned to each Crypto Map.

Name

Displays the user-assigned name for this specific Crypto Map. This name can be
modified using the Edit function or a new Crypto Map can be created by clicking
the Add button.

Mode Config

Displays a green checkmark for the Crypto Map used with the current interface. A
“X” is displayed next to other Crypto Maps not currently being used.

Number of Peers

Displays the number of peers used by each Crypto Map displayed.

SA Lifetime (secs)

Displays a SA Lifetime (in seconds) that forces the periodical expiration and
re-negotiation of peer credentials. Thus, continually validating the peer
relationship.

SA Lifetime (Kb)

Causes the security association to time out after the specified amount of traffic (in
kilobytes) has passed through the IPSec tunnel (using the security association).

ACL ID

Displays the name of the ACL ID used for each Crypto Map.

Number of Interfaces

Displays the number of interfaces each specific Crypto Map is used with.