Brocade Mobility RFS7000-GR Controller System Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual

Brocade Mobility RFS7000-GR Controller System Reference Guide

377

53-1001944-01

Configuring IKE settings

6

A IKE policy matches when they have the same encryption, hash, authentication and Diffie-Hellman
settings. The SA lifetime must also be less than or equal to the lifetime in the policy sent. If the
lifetimes do not match, the shorter lifetime applies. If no match exists, IKE refuses negotiation.

To view the current set of IKE policies:

1. Select Security > IKE Settings from the main menu tree.

2. Click the IKE Policies tab.

3. Refer to the values displayed within the IKE Policies tab to determine if an existing policy

requires revision, removal or a new policy requires creation.

Sequence Number

Displays the sequence number for the IKE policy. The available range is from 1 to
10,000, with 1 being the highest priority value.

Encryption

Displays the encryption method protecting data transmitted between peers.
Options include:

•

DES 56-bit DES-CBC. The default value.

•

3DES - 168-bit Triple DES.

•

AES - 128-bit AES.

•

AES 192 - 192-bit AES.

•

AES 256 - 256-bit AES.

Hash Value

Displays the hash algorithm used to ensure data integrity. The hash value
validates a packet comes from its intended destination, and has not been
modified in transit. Options include:

•

SHA - The default value.

•

MD5 - MD5 has a smaller digest and is somewhat faster than SHA-1.