Configuring auto key settings – Brocade Mobility 5181 Access Point Product Reference Guide (Supporting software release 4.4.0.0) User Manual


Brocade Mobility 5181 Access Point Product Reference Guide

53-1002516-01

Configuring VPN tunnels


Configuring auto key settings

The Mobility 5181 Access Point’s Network Management System can automatically set encryption
and authentication keys for VPN access. Use the Auto Key Settings screen to specify the type of
encryption and authentication, without specifying the keys. To manually specify keys, cancel out of
the Auto Key Settings screen, select the Manual Key Exchange radio button, and set the keys within
the Manual Key Setting screen.

To configure auto key settings for the Mobility 5181 Access Point:

1. Select Network Configuration -> WAN -> VPN from the Mobility 5181 Access Point menu tree.

2. Refer to the VPN Tunnel Config field, select the Auto (IKE) Key Exchange radio button and click
the Auto Key Settings button.

3. Configure the Auto Key Settings screen to modify the following:

Use Perfect Forward Secrecy

Forward secrecy is a property of a key-establishment protocol
that guarantees the discovery of a session key or long-term
private key does not compromise the keys of other sessions.
Select Yes to enable Perfect Forward Secrecy. Select No to
disable Perfect Forward Secrecy.

Security Association Life Time

The Security Association Life Time is the configurable interval
used to time out association requests that exceed the defined
interval. The available range is from 300 to 65535 seconds.
The default is 300 seconds.

AH Authentication

AH provides data authentication and anti-replay services for
the VPN tunnel. Select the desired authentication method
from the drop-down menu.

• None - Disables AH authentication. No keys are required to be
manually provided.

• MD5 - Enables the Message Digest 5 algorithm. No keys are
required to be manually provided.

• SHA1 - Enables Secure Hash Algorithm 1. No keys are
required to be manually provided.

ESP Type

ESP provides packet encryption, optional data authentication
and anti-replay services for the VPN tunnel. Use the
drop-down menu to select the ESP type.

• None - Disables ESP. The rest of the fields are not active.

• ESP - Enables ESP for this tunnel.

• ESP with Authentication - Enables ESP with authentication.
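
The following Python function is an added example, not part of the Brocade guide or the access point software. It checks one tunnel's Auto Key Settings values against the options and range listed above and flags weak combinations. The dictionary keys (`pfs`, `sa_lifetime`, `ah_auth`, `esp_type`) and the finding codes are assumptions made for illustration.

```python
# Added example (not from the Brocade guide). Keys of the settings dict are
# hypothetical names for the fields on the Auto Key Settings screen.
SA_LIFETIME_RANGE = (300, 65535)   # seconds, as documented for this screen
AH_CHOICES = ("None", "MD5", "SHA1")
ESP_CHOICES = ("None", "ESP", "ESP with Authentication")


def audit_auto_key(s):
    """Return a sorted list of finding codes for one tunnel's settings."""
    findings = set()

    # 1. Values the screen itself would not accept.
    if s["pfs"] not in ("Yes", "No"):
        findings.add("invalid-pfs")
    if s["ah_auth"] not in AH_CHOICES:
        findings.add("invalid-ah")
    if s["esp_type"] not in ESP_CHOICES:
        findings.add("invalid-esp")
    life = s["sa_lifetime"]
    lo, hi = SA_LIFETIME_RANGE
    if isinstance(life, bool) or not isinstance(life, int) or not lo <= life <= hi:
        findings.add("invalid-sa-lifetime")

    # 2. Valid but weak choices.
    if s["pfs"] == "No":
        # Without PFS, one exposed key can expose other sessions' keys.
        findings.add("pfs-disabled")
    if s["ah_auth"] == "None" and s["esp_type"] == "None":
        # Neither protocol selected: no authentication, no encryption.
        findings.add("no-protection")
    if s["ah_auth"] == "None" and s["esp_type"] == "ESP":
        # Encryption with no integrity check from either ESP or AH.
        findings.add("unauthenticated-encryption")
    if s["ah_auth"] == "MD5":
        # RFC 8221 lists HMAC-MD5 as MUST NOT; SHA1 is the stronger
        # of the two AH options this screen offers.
        findings.add("ah-md5")
    return sorted(findings)


# Constructed sample settings, not taken from a real device.
WEAK = {"pfs": "No", "sa_lifetime": 120, "ah_auth": "MD5", "esp_type": "ESP"}
HARDENED = {"pfs": "Yes", "sa_lifetime": 3600, "ah_auth": "None",
            "esp_type": "ESP with Authentication"}

if __name__ == "__main__":
    print("weak:    ", audit_auto_key(WEAK))
    print("hardened:", audit_auto_key(HARDENED))
```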
