beautypg.com

Lifetime – Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 611

background image

598

Brocade Mobility RFS Controller CLI Reference Guide

53-1003098-01

7

Syntax:

isakmp-proposal encryption [3des|aes|aes-192|aes-256] group [14|2|5]

hash [md5|sha]

Parameters

isakmp-proposal encryption [3des|aes|aes-192|aes-256] group [14|2|5]

hash [md5|sha]

Example

rfs7000-37FABE(config-profile-default-rfs7000-ikev1-policy-ikev1-testpolicy)#

isakmp-proposal testproposal encryption aes group 2 hash sha

rfs7000-37FABE(config-profile-default-rfs7000-ikev1-policy-testpolicy)#show

context

crypto ikev1 policy testpolicy

dpd-keepalive 11

dpd-retries 10

isakmp-proposal default encryption aes-256 group 2 hash sha

isakmp-proposal testpraposal encryption aes group 2 hash sha

rfs7000-37FABE(config-profile-default-rfs7000-ikev1-policy-testpolicy)#

lifetime

crypto-ikev1/ikev2-policy commands

Specifies how long an IKE SA is valid before it expires

Supported in the following platforms:

Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade
Mobility 1240 Access Point

Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade
Mobility RFS7000

Service Platforms — Brocade Mobility RFS9510

Syntax:

lifetime <600-86400>

Specify the name of the ISAKMP proposal

encryption
[3des|aes|
aes-192|aes-256]

Configures the encryption level transmitted using the crypto isakmp command

3des – Configures triple data encryption standard

aes – Configures AES (128 bit keys)

aes-192 – Configures AES (192 bit keys)

aes-256 – Configures AES (256 bit keys)

group [14|2|5]

Specifies the Diffie-Hellman (DH) group (1 or 2) used by the IKE policy to generate keys (used to create IPSec
SA). Specifying the group enables you to declare the modulus size used in DH calculation.

14 – Configures DH group 14

2 – Configures DH group 2

5 – Configures DH group 5

hash [md5|sha]

Specifies the hash algorithm used to authenticate data transmitted over the IKE SA

md5 – Uses Message Digest 5 (MD5) hash algorithm

sha – Uses Secure Hash Authentication (SHA) hash algorithm

See also other documents in the category Brocade Computer Accessories: