Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

486

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

8

FIGURE 66

Profile Security - VPN Crypto Map screen

Review the following Crypto Map configuration parameters to assess their relevance:

If requiring a new crypto map configuration, select the Add button. If updating the configuration of
an existing crypto map, select it from amongst those available and select the Edit button.

If adding a new crypto map, assign it a name up to 32 characters in length as a unique identifier.
Select the Continue button to proceed to the VPN Crypto Map screen.

Name

Lists the 32 character maximum name assigned for each crypto map upon creation. This
name cannot be modified as part of the edit process.

Type

Displays the site-to-site-manual, site-to-site-auto or remote VPN configuration defined for
each listed cyrpto map configuration. With site-to-site deployments, an IPSEC Tunnel is
deployed between two gateways, each at the edge of two different remote networks. With
remote VPN, an Access Point (located remotely) defines a tunnel with a security gateway.
This facilitates the endpoints in the branch office to communicate with the destination
endpoints (behind the security gateway) in a secure manner.

IP Firewall Rules

Lists the IP firewall rules defined for each displayed crypto map configuration. Each firewall
policy contains a unique set of access/deny permissions applied to the VPN tunnel and its
peer connection.

IPSec Transform Set

Displays the transform set (encryption and has algorithms) applied to each listed crypto map
configuration. Thus, each crypto map can be customized with its own data protection and
peer authentication schemes.