Brocade Network Advisor SAN + IP User Manual v12.1.0 User Manual

1130

Brocade Network Advisor SAN + IP User Manual

53-1002949-01

Configuring FCIP tunnel advanced settings

27

FIGURE 474

Advanced Settings Security Tab for the 8 Gbps Extension Switch and Blade

3. As an option, click Ensure connecting peer switches have known WWNs. This provides an

added measure of security.

4. Enter the WWN for the remote switch.

5. Assign IKE and IPsec policies. For the 4 Gbps Extension Switch and Blade, you must choose

from a drop-down list of policies. The 8 Gbps Extension Switch and Blade have predefined IKE
and IPsec policies. These policies are enabled by selecting the Enable IPSec check box.
Matching policies are applied to the remote switch. Note that the Enable IPSec check box is
grayed while editing the tunnels because the IPsec settings cannot be edited for the secured
tunnels.

NOTE

IPSec settings cannot be edited. If you want to change settings, you will need to delete the
tunnel and then create a new tunnel with the new settings.

6. In the PreShared Key field, specify the key for IKE authentication. Use the following

specifications, depending on your extension platform.

•

For the 4 Gbps Extension Switch and Blade and the 8 Gbps Extension Blade, the key value
must be between 12 and 32 alphanumeric characters. The length depends on the chosen
IKE policy.

•

For the 8Gbps Extension switch, the key value must be a minimum of 32 alphanumeric
characters.

These policies are used to make the connection more secure through authentication and
encryption. When you select a policy for the local switch, a matching policy is automatically
selected on the remote switch. If no matching policy is found, you must manually configure the
policy on the remote switch.