Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Brocade Mobility RFS Controller CLI Reference Guide

587

53-1003098-01

7

crypto plain-text-deny-acl-scope [global|interface]

crypto remote-vpn-client

Example

rfs7000-37FABE(config-profile-default-rfs7000)#crypto ipsec transform-set

tpsec-tag1 esp-aes-256 esp-md5-hmac

rfs7000-37FABE(config-profile-default-rfs7000)#crypto map map1 10 ipsec-isakmp

dynamic

rfs7000-37FABE(config-profile-default-rfs7000)#crypto

plain-text-deny-acl-scope interface

rfs7000-37FABE(config-profile-default-rfs7000)#show context

profile rfs7000 default-rfs7000

bridge vlan 1

tunnel-over-level2

ip igmp snooping

ip igmp snooping querier

no autoinstall configuration

no autoinstall firmware

device-upgrade persist-images

crypto ikev1 dpd-retries 1

crypto ikev1 policy ikev1-default

isakmp-proposal default encryption aes-256 group 2 hash sha

crypto ikev2 policy ikev2-default

isakmp-proposal default encryption aes-256 group 2 hash sha

crypto ipsec transform-set default esp-aes-256 esp-sha-hmac

crypto ipsec transform-set tpsec-tag1 esp-aes-256 esp-md5-hmac

crypto map map1 10 ipsec-isakmp dynamic

crypto ikev1 remote-vpn

crypto ikev2 remote-vpn

crypto auto-ipsec-secure

crypto plain-text-deny-acl-scope interface

interface radio1

interface radio2

interface up

rfs7000-37FABE(config-profile-default-rfs7000)#

crl
<TRUSTPOINT-NAME>

Imports a Certificate Revocation List (CRL). Imports a trustpoint including either a private key and server
certificate or a CA certificate or both

•

<TRUSTPOINT-NAME> – Specify the trustpoint name.

<URL>

Specify the CRL source address in the following format:
tftp://<hostname|IP>[:port]/path/file
ftp://<user>:<passwd>@<hostname|IP>[:port]/path/file
sftp://<user>:<passwd>@<hostname|IP>[:port]>/path/file
http://<hostname|IP>[:port]/path/file
cf:/path/file
usb<n>:/path/file

<1-168>

Sets command replay duration from 1 - 168 hours

plain-text-deny-acl-scope

Configures plain-text-deny-acl-scope parameters

global

Applies the plain text deny ACL globally

interface

Applies the plain text deny ACL to the interface only

remote-vpn-client

Configures remote VPN client settings. For more information, see

crypto-remote-vpn-client commands

.