Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

482

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

8

Select OK to save the changes made within the IKE Policy screen. Select Reset to revert to the last
saved configuration. Select the Delete Row icon as needed to remove a peer configuration.

Select the Peer Configuration tab to assign additional network address and IKE settings to the an
intended VPN tunnel peer destination.

FIGURE 63

Profile Security - VPN Peer Destination screen (IKEv1 example)

Select either the IKEv1 or IKEv2 radio button to enforce VPN key exchanges using either IKEv1 or
IKEv2.

Refer to the following to determine whether a new VPN Peer Configuration requires creation, an
existing configuration requires modification or a configuration requires removal.

Authentication

Select an authentication hash algorithm used by the peers to exchange credential
information. Options include SHA and MD5. The default setting is SHA.

Name

Lists the 32 character maximum name assigned to each listed peer configuration upon
creation.

IP/Hostname

Displays the IP address (or host address FQDN) of the IPSec VPN peer targeted for secure
tunnel connection and data transfer.

Authentication Type

Lists whether the peer configuration has been defined to use pre-shared key (PSK) or RSA.
Rivest, Shamir, and Adleman (RSA) is an algorithm for public key cryptography. It’s the first
algorithm known to be suitable for both signing and encryption. If using IKEv2, this screen
displays both local and remote authentication, as both ends of the VPN connection require
authentication.

LocalID

Lists the local identifier used within this peer configuration for an IKE exchange with the
target VPN IPSec peer.

RemoteID

Displays the means the target remote peer is to be identified (string, FQDN etc.) within the
VPN tunnel.