beautypg.com

Advanced vpn configuration – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 206

background image

194

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

5

Review the configuration and select Done initiate the creation of the VPN tunnel. Use the Back
button to navigate to the previous screen. Select Close to close the wizard without creating a VPN
Tunnel.

Advanced VPN Configuration

The advanced VPN configuration option does not utilize a setup wizard. Rather, it utilizes and its
own screen flow where just about every facet of a VPN tunnel configuration can be set by a
qualified network administrator.

For detailed information on creating a VPN tunnel configuration, refer to

Setting the Profile’s VPN

Configuration

.

Overriding a Profile’s Auto IPSec Tunnel Configuration

Overriding a Profile’s Security Configuration

Auto IPSec tunneling provides a secure tunnel between two networked peer controllers or service
platforms and associated Access Points which are within a range of valid IP addresses.
Administrators can define which packets are sent within the tunnel, and how they’re protected.
When a tunnelled peer sees a sensitive packet, it creates a secure tunnel and sends the packet
through the tunnel to its remote peer destination or associated Access Point

Tunnels are sets of security associations (SA) between two peers. SAs define the protocols and
algorithms applied to sensitive packets and specify the keying mechanisms used by tunnelled
peers. SAs are unidirectional and exist in both the inbound and outbound direction. SAs are
established per the rules and conditions of defined security protocols (AH or ESP).

Internet Key Exchange (IKE) protocol is a key management protocol standard used in conjunction
with IPSec. IKE enhances IPSec by providing additional features, flexibility, and configuration
simplicity for the IPSec standard. IKE enables secure communications without time consuming
manual pre-configuration for auto IPSec tunneling.

To define an Auto IPSec Tunnel configuration or override that can be applied to a profile:

1. Select Devices from the Configuration tab.

The Device Configuration screen displays a list of managed devices or peer controllers, service
platforms or Access Points.

2. Select a target device (by double-clicking it) from amongst those displayed within the Device

Configuration screen.

Devices can also be selected directly from the Device Browser in the lower, left-hand, side of
the UI.

3. Select Profile Overrides from the Device menu to expand it into sub menu options.

4. Select Security to expand its sub menu options.

5. Select Auto IPSec Tunnel.

See also other documents in the category Brocade Computer Accessories: