Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 504
492
Brocade Mobility RFS Controller System Reference Guide
53-1003099-01
8
FIGURE 71
Profile Security - Global VPN Settings screen
Define the following IPSec Global settings:
Set the following IKEV1 Settings:
df bit
Select the DF bit handling technique used for the ESP encapsulating header. Options
include Clear, set and copy. The default setting is Copy.
IPsec Lifetime (kB)
Set a connection volume lifetime (in kilobytes) for the duration of an IPSec VPN security
association. Once the set volume is exceeded, the association is timed out. Use the spinner
control to set the volume from 500 - 2,147,483,646 kilobytes. The default settings is
4,608,000 kilobytes.
IPsec Lifetime (seconds)
Set a lifetime (in seconds) for the duration of an IPSec VPN security association. Once the
set value is exceeded, the association is timed out. The available range either Seconds (120
- 86,400), Minutes (2 - 1,440), Hours (1 - 24) or Days (1). The default setting is 3,600
seconds.
Plain Text Deny
Select global or interface to set the scope of the ACL. The default setting is global,
expanding the rules of the ACL beyond just the interface.
Enable IKE Uniquelds
Select this option to initiate a unique ID check. This setting is disabled by default.
DPD KeepAlive
Define the interval (or frequency) for IKE keep alive messages for dead peer detection.
Options include Seconds (10 - 3,600), Minutes (1 - 60) and Hours (1). The default setting is
30 seconds.