Crypto-ikev1/ikev2-poli cy commands, Crypto-ikev1/ikev2-policy commands – Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 608
Brocade Mobility RFS Controller CLI Reference Guide
595
53-1003098-01
7
crypto-ikev1/ikev2-policy commands
Defines crypto-IKEv1/IKEv2 commands in detail
IKE protocol is a key management protocol standard used in conjunction with IPSec. IKE enhances
IPSec by providing additional features, flexibility, and configuration simplicity for the IPSec
standard. IKE automatically negotiates IPSec SAs, and enables secure communications without
time consuming manual pre-configuration.
Use the (config) instance to configure IKEv1/IKEv2 policy configuration commands. To navigate to
the IKEv1 policy config instance, use the following commands:
<DEVICE>(config)#profile <DEVICE-TYPE> <PROFILE-NAME>
<DEVICE>(config-profile-<PROFILE-NAME>)#crypto ikev1/ikev2 policy
<IKEV1/IKEV2-POLICY-NAME>
rfs7000-37FABE(config-profile-default-rfs7000)#crypto ikev1 policy
ikev1-testpolicy
rfs7000-37FABE(config-profile-default-rfs7000-ikev1-policy-ikev1-testpolicy)#
?
Crypto IKEv1 Policy Configuration commands:
dpd-keepalive Set Dead Peer Detection interval in seconds
dpd-retries Set Dead Peer Detection retries count
isakmp-proposal Configure ISAKMP Proposals
lifetime Set lifetime for ISAKMP security association
mode IKEv1 mode (main/aggressive)
no Negate a command or set its defaults
clrscr Clears the display screen
commit Commit all changes made in this session
end End current mode and change to EXEC mode
exit End current mode and down to previous mode
help Description of the interactive help system
revert Revert changes
service Service Commands
show Show running system information
write Write running configuration to memory or terminal
rfs7000-37FABE(config-profile-default-rfs7000-ikev1-policy-ikev1-testpolicy)#
rfs7000-37FABE(config-profile-test-ikev2-policy-ikev2-testpolicy)#?
Crypto IKEv2 Policy Configuration commands:
dpd-keepalive Set Dead Peer Detection interval in seconds
isakmp-proposal Configure ISAKMP Proposals
lifetime Set lifetime for ISAKMP security association
no Negate a command or set its defaults
sa-per-acl Setup single SA for all rules in the ACL (ONLY APPLICABLE
FOR SITE-TO-SITE VPN)
clrscr Clears the display screen
commit Commit all changes made in this session
do Run commands from Exec mode
end End current mode and change to EXEC mode
exit End current mode and down to previous mode
help Description of the interactive help system
revert Revert changes
service Service Commands
show Show running system information