Configuring ficon emulation – Brocade Network Advisor SAN User Manual v12.3.0 User Manual
Page 1021
Brocade Network Advisor SAN User Manual
969
53-1003154-01
Configuring FCIP tunnel advanced settings
22
5. Assign IKE and IPsec policies. For the 4 Gbps Extension Switch and Blade, you must choose
from a list of policies. The 8 Gbps Extension Switch and Blade have predefined IKE and IPsec
policies. These policies are enabled by selecting the Enable IPSec check box. Matching policies
are applied to the remote switch. Note that the Enable IPSec check box is unavailable while
editing the tunnels because the IPsec settings cannot be edited for the secured tunnels.
NOTE
IPsec settings cannot be edited. If you want to change settings, you must delete the tunnel and
then create a new tunnel with the new settings.
6. In the PreShared Key field, specify the key for IKE authentication. Use the following
specifications, depending on your extension platform:
•
For the 4 Gbps Extension Switch and Blade and the 8 Gbps Extension Blade, the key value
must be from 12 through 32 alphanumeric characters. The length depends on the chosen
IKE policy.
•
For the 8 Gbps Extension switch, the key value must be a minimum of 32 alphanumeric
characters.
These policies are used to make the connection more secure through authentication and
encryption. When you select a policy for the local switch, a matching policy is automatically
selected on the remote switch. If no matching policy is found, you must manually configure the
policy on the remote switch.
NOTE
For the Brocade 7840, select a name from the Policy Name list. The list displays all the
predefined policy names. Select the ellipses button to the right of the Policy Name field to
configure an IPsec policy name using the Configure IPsec Policy dialog box. Minimum 16 and
maximum 64 characters, special characters ~ @ % - _ + [ ] : are allowed for the policy name.
7. You can activate the Enable backward compatibility feature on 8 Gbps platforms if IPsec is
enabled. This allows multiple 1 Gbps circuits to be created using 10 Gbps ports even if the
switch at one end of the tunnel is using Fabric OS 7.0 and the switch at the other end is using
versions earlier than Fabric OS v7.0. Note that this feature can only be enabled when IPsec is
enabled and when circuits are configured without any advanced 10 Gbps features, such as
lossless failover, multi-gigabit circuits, or 10 Gbps Adaptive Rate Limiting (ARL).
Configuring FICON emulation
FICON emulation and acceleration features and operating parameters are configured from the
FICON Emulation tab (
). Before you configure these features, you must decide which
features you want to implement, and you must look closely at the operational parameters to
determine if values other than the default values are better for your installation.
1. Select Advanced Settings on the Add FCIP Tunnel or Edit FCIP Tunnel dialog box to display the
Advanced Settings dialog box.
2. Select the FICON Emulation tab.