Overriding a profile’s nat configuration – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Brocade Mobility RFS Controller System Reference Guide

195

53-1003099-01

5

FIGURE 90

Profile Overrides - Auto IPSec Tunnel screen

The Settings field lists those Auto IPSec tunnel policies created thus far. Any of these
policies can be selected and applied to a profile

NOTE

A blue override icon (to the left of a parameter) defines the parameter as having an override applied.
To remove an override go to the Basic Configuration section of the device and click the Clear
Overrides button. This removes all overrides from the device.

6. Select OK to save the changes made to the auto IPSec tunnel configuration. Select Reset to

revert to the last saved configuration.

Overriding a Profile’s NAT Configuration

Overriding a Profile’s Security Configuration

Group ID

Define a 1 - 64 character identifier for an IKE exchange supporting auto IPSec tunnel secure peers.

Authentication Type

Use the drop-down menu to select either RSA or PSK (Pre Shared Key) as the authentication type for
secure peer authentication on the auto IPSec secure tunnel. Rivest, Shamir, and Adleman (RSA) is an
algorithm for public key cryptography. It’s the first algorithm known to be suitable for signing, as well
as encryption. The default setting is RSA.

Authentication Key

Enter the 8 - 21 character shared key (password) used for auto IPSec tunnel secure peer
authentication.

IKE Version

Use the drop-down menu to select the IKE version used for auto IPSec tunnel secure authentication
with the IPSec gateway. IKEv2 is the default setting.

Enable NAT after IPSec

Select the checkbox to enable internal source port NAT on the auto IPSec secure tunnel.

Use Unique ID

Select this option to use a unique ID with auto IPSec secure authentication for the IPSec remote
gateway (appending the MiNT ID). This setting is disabled by default.