Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 597
584
Brocade Mobility RFS Controller CLI Reference Guide
53-1003098-01
7
•
Service Platforms — Brocade Mobility RFS9510
Syntax:
crypto [auto-ipsec-secure|enable-ike-uniqueids|ike-version|ikev1|ikev2|ipsec|
load-management|map|pki|plain-text-deny-acl-scope|remote-vpn-client]
crypto [auto-ipsec-secure|enable-ike-uniqueids|load-management]
crypto ike-version [ikev1-only|ikev2-only]
crypto ikev1 [dpd-keepalive <10-3600>|dpd-retries <1-100>|nat-keepalive
<10-3600>|
peer <IKEV1-PEER>|policy <IKEV1-POLICY-NAME>|remote-vpn]
crypto ikev2 [cookie-challenge-threshold <1-100>|dpd-keepalive <10-3600>|
dpd-retries <1-100>|nat-keepalive <10-3600>|peer <IKEV2-PEER>|
policy <IKEV2-POLICY-NAME>|remote-vpn]
crypto ipsec [df-bit|security-association|transform-set]
crypto ipsec df-bit [clear|copy|set]
crypto ipsec security-association lifetime [kilobytes <500-2147483646>|
seconds <120-86400>]
crypto ipsec transform-set <TRANSFORM-SET-TAG> [esp-3des|esp-aes|esp-aes-192|
esp-aes-256|esp-des|esp-null] [esp-md5-hmac|esp-sha-hmac]
crypto map <CRYPTO-MAP-TAG> <1-1000> [ipsec-isakmp {dynamic}|ipsec-manual]
crypto pki import crl <TRUSTPOINT-NAME> URL <1-168>
crypto plain-text-deny-acl-scope [global|interface]
crypto remote-vpn-client
Parameters
crypto [auto-ipsec-secure|enable-ike-uniqueids|load-management]
crypto ike-version [ikev1-only|ikev2-only]
auto-ipsec-secure
Configures the Auto IPSec Secure parameter settings. For Auto IPSec tunnel configuration commands,
see
crypto-auto-ipsec-tunnel commands
.
enable-ike-uniqueids
Enables Internet Key Exchange (IKE) unique ID check
For more information on IKE unique IDs, see
load-management
Configures load management for platforms using software cryptography
ike-version
[ikev1-only|ikev2-only]
Selects and starts the IKE daemon
•
ikev1-only – Enables support for IKEv1 tunnels only
•
ikev2-only – Enables support for IKEv2 tunnels only