Security-association, Session-key – Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 637
624
Brocade Mobility RFS Controller CLI Reference Guide
53-1003098-01
7
rfs7000-37FABE(config-profile-default-rfs7000-cryptomap-map1#1)#
security-association
crypto-map-ipsec-manual-instance
Defines the lifetime (in kilobytes and/or seconds) of IPSec SAs created by this crypto map
Supported in the following platforms:
•
Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade
Mobility 1240 Access Point
•
Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade
Mobility RFS7000
•
Service Platforms — Brocade Mobility RFS9510
Syntax:
security-association lifetime [kilobytes <500-2147483646>|seconds <120-86400>]
Parameters
security-association lifetime [kilobytes <500-2147483646>|seconds <120-86400>]
NOTE
This command is not applicable to the ipsec-manual crypto map.
Example
rfs7000-37FABE(config-profile-default-rfs7000-cryptomap-map2#2)#security-asso
ciation lifetime seconds 123
rfs7000-37FABE(config-profile-default-rfs7000-cryptomap-map2#2)#show context
crypto map map2 2 ipsec-isakmp
security-association lifetime seconds 123
rfs7000-37FABE(config-profile-default-rfs7000-cryptomap-map2#2)#
session-key
crypto-map-ipsec-manual-instance
Defines encryption and authentication keys for this crypto map
Supported in the following platforms:
•
Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade
Mobility 1240 Access Point
•
Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade
Mobility RFS7000
•
Service Platforms — Brocade Mobility RFS9510
lifetime
[kilobytes
<500-2147483646>|
seconds <120-86400>]
Values can be entered in both kilobytes and seconds. Which ever limit is reached first, ends the security
association.
•
kilobytes <500-2147483646> – Defines volume based key duration. Specify a value from
500 - 2147483646 bytes.
•
seconds <120-86400> – Defines time based key duration. Specify the time frame from
120 - 86400 seconds.