Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

492

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

8

FIGURE 71

Profile Security - Global VPN Settings screen

Define the following IPSec Global settings:

Set the following IKEV1 Settings:

df bit

Select the DF bit handling technique used for the ESP encapsulating header. Options
include Clear, set and copy. The default setting is Copy.

IPsec Lifetime (kB)

Set a connection volume lifetime (in kilobytes) for the duration of an IPSec VPN security
association. Once the set volume is exceeded, the association is timed out. Use the spinner
control to set the volume from 500 - 2,147,483,646 kilobytes. The default settings is
4,608,000 kilobytes.

IPsec Lifetime (seconds)

Set a lifetime (in seconds) for the duration of an IPSec VPN security association. Once the
set value is exceeded, the association is timed out. The available range either Seconds (120
- 86,400), Minutes (2 - 1,440), Hours (1 - 24) or Days (1). The default setting is 3,600
seconds.

Plain Text Deny

Select global or interface to set the scope of the ACL. The default setting is global,
expanding the rules of the ACL beyond just the interface.

Enable IKE Uniquelds

Select this option to initiate a unique ID check. This setting is disabled by default.

DPD KeepAlive

Define the interval (or frequency) for IKE keep alive messages for dead peer detection.
Options include Seconds (10 - 3,600), Minutes (1 - 60) and Hours (1). The default setting is
30 seconds.