Configuring ipsec and ike policies – Brocade Network Advisor SAN + IP User Manual v12.3.0 User Manual

1252

Brocade Network Advisor SAN + IP User Manual

53-1003155-01

Configuring FCIP tunnel advanced settings

27

Configuring IPsec and IKE policies

IPsec and IKE policies are configured from the Security tab. The options and procedures are
platform-dependent.

Figure 547

on page 1252 shows the Security tab for the 8 Gbps Extension

Switch and 8 Gbps Extension Blade.

1. Select Advanced Settings on the Add FCIP Tunnel or Edit FCIP Tunnel dialog box to display the

Advanced Settings dialog box.

2. Select the Security tab.

FIGURE 547

Advanced Settings Security Tab for the 8 Gbps Extension Switch and Blade

3. As an option, click Ensure connecting peer switches have known WWNs. This provides an

added measure of security.

4. Enter the WWN for the remote switch.

5. Assign IKE and IPsec policies. For the 4 Gbps Extension Switch and Blade, you must choose

from a list of policies. The 8 Gbps Extension Switch and Blade have predefined IKE and IPsec
policies. These policies are enabled by selecting the Enable IPSec check box. Matching policies
are applied to the remote switch. Note that the Enable IPSec check box is unavailable while
editing the tunnels because the IPsec settings cannot be edited for the secured tunnels.

NOTE

IPsec settings cannot be edited. If you want to change settings, you must delete the tunnel and
then create a new tunnel with the new settings.

6. In the PreShared Key field, specify the key for IKE authentication. Use the following

specifications, depending on your extension platform:

•

For the 4 Gbps Extension Switch and Blade and the 8 Gbps Extension Blade, the key value
must be from 12 through 32 alphanumeric characters. The length depends on the chosen
IKE policy.