Viewing vpn status – Brocade Mobility 5181 Access Point Product Reference Guide (Supporting software release 4.4.0.0) User Manual

Page 173

Advertising
background image

Brocade Mobility 5181 Access Point Product Reference Guide

159

53-1002516-01

Configuring VPN tunnels

6

4. Click Ok to return to the VPN screen. Click Apply to retain the settings made on the IKE Settings

screen.

5. Click Cancel to return to the VPN screen without retaining the changes made to the IKE

Settings screen.

Viewing VPN status

Use the VPN Status screen to display the status of the tunnels configured on the Mobility 5181
Access Point as well as their lifetime, transmit and receive statistics. The VPN Status screen is
read-only with no configurable parameters. To configure a VPN tunnel, use the VPN configuration
screen in the WAN section of the Mobility 5181 Access Point menu tree.

To view VPN status:

1. Select Network Configuration -> WAN -> VPN -> VPN Status from the Mobility 5181 Access

Point menu tree.

2. Reference the Security Associations field to view the following:

IKE Encryption
Algorithm

Select the encryption and authentication algorithms for the VPN
tunnel from the drop-down menu.
DES - Uses the DES encryption algorithm. No keys are required to
be manually provided.
3DES - Enables the 3DES encryption algorithm. No keys are
required to be manually provided.
AES 128-bit - Uses the Advanced Encryption Standard algorithm
with 128-bit. No keys are required to be manually provided.
AES 192-bit - Enables the Advanced Encryption Standard
algorithm with 192-bit. No keys are required to be manually
provided.
AES 256-bit - Uses the Advanced Encryption Standard algorithm
with 256-bit. No keys are required to be manually provided.

Key Lifetime

The number of seconds the key is valid. At the end of the lifetime,
the key is renegotiated.
The Mobility 5181 Access Point forces renegotiation every 3600
seconds. There is no way to change the renegotiation value. If the
IKE Lifetime is greater than 3600, the keys still get renegotiated
every 3600 seconds.

Diffie Hellman Group

Select a Diffie-Hellman Group to use. The Diffie-Hellman key
agreement protocol allows two users to exchange a secret key over
an insecure medium without any prior secrets. Two algorithms
exist, 768-bit and 1024-bit. Select one of the following options:
Group 1 - 768 bit - Somewhat faster than the 1024-bit algorithm,
but secure enough in most situations.
Group 2 - 1024 bit - Somewhat slower than the 768-bit algorithm,
but much more secure and a better choice for extremely sensitive
situations.

Tunnel Name

The Tunnel Name column lists the names of all the tunnels
configured on the Mobility 5181 Access Point.

Status

The Status column lists the status of each configured tunnel.
When the tunnel is not in use, the status reads NOT_ACTIVE. When
the tunnel is connected, the status reads ACTIVE.

Advertising
Popular Brands
Popular manuals