Brocade Communications Systems RFS6000 User Manual

Page 237

Advertising
background image

Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide

235

53-1001931-01

Global Configuration commands

5

Parameters

ipsec (security-association|
transform-set)

Configures IPSEC policies.

security-association – Defines the security association
parameter used to define its lifetime

lifetime (kilobyte | seconds) – The lifetime of IPSEC
security association. It can be defined in either:
kilobytes – Volume-based key duration, the minimum is
500 KB and maximum is 2147483646 KB .
seconds – Time-based key duration, the minimum is 90
seconds and maximum is 2147483646 seconds

transform-set [set name] – Uses the crypto ipsec
transform-set command to define the transform
configuration (authentication and encryption) for securing
data

ah-md5-hmac

ah-sha-hmac

esp-3des

esp-aes

esp-aes-192

esp-aes-256

esp-des

esp-md5-hmac

esp-sha-hmac

The transform-set is then assigned to a crypto map using the
map’s set transform-set command. For more information, see

Crypto-map Instance on page 371

isakmp
[client|keepalive|key|
peer|policy]

Configures the Internet Security Association and Key
Management Protocol (ISAKMP) policy.

client configuration (group) (default) – Leads to the
config-cryptogroup instance.
For more details see

Crypto-group Instance on page 341

keepalive <10-3600> – Sets a keepalive interval for use with
remote peers. It defines the number of seconds between
DPD messages

key [0 <key>|2 <key>|<key>] [address|hostname] – Sets a
pre-shared key for remote peer

0 <key> – Password is specified unencrypted

2 <key> – Password is encrypted with
password-encryption secret

<key> – User provided password

address – Defines a shared key with an
IP address

hostname – Defines the shared key with a hostname

peer [address|dn|hostname] – Sets the remote peer

address – The IP address is the identity of the remote
peer

dn – The identity of the remote peer is the distinguished
name

hostname –The hostname is the identity of the remote
peer

policy <1-10000> – Sets a policy for a ISAKMP protection
suite

Advertising
This manual is related to the following products:

RFS4000, RFS7000

Popular Brands
Popular manuals