
Brocade Mobility Access Point System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

53-1003100-01

FIGURE 63 Profile Security - VPN Peer Configuration create/modify screen (IKEv2 example)

14. Select OK to save the changes made within the Peer Configuration screen. Select Reset to revert to the last saved configuration.

Name

If creating a new peer configuration (remote gateway) for a VPN tunnel connection, assign it a
name (32 characters maximum) to distinguish it from others with similar attributes.

IP Type

Enter either the IP address or FQDN hostname of the IPSec VPN peer used in the tunnel setup. If
IKEv1 is used, this parameter is titled IP Type. If IKEv2 is used, it is titled Select IP/Hostname.

Authentication Type or Local Authentication Type

Select either pre-shared key (PSK) or RSA. Rivest, Shamir, and Adleman (RSA) is an algorithm for
public key cryptography. It's the first algorithm known to be suitable for signing as well as
encryption. If using IKEv2, this screen displays both local and remote authentication options, as
both ends of the VPN connection require authentication. RSA is the default value for both local
and remote authentication (regardless of IKEv1 or IKEv2).

Authentication Value or Local Authentication Value

Define the authentication string (shared secret) that must be shared by both ends of the VPN
tunnel connection. The string must be 8 - 21 characters long. If using IKEv2, both a local
and a remote string must be specified for handshake validation at both ends (local and remote)
of the VPN connection.

Local Identity

Select the access point’s local identifier used with this peer configuration for an IKE exchange
with the target VPN IPSec peer. Options include IP Address, Distinguished Name, FQDN, email
and string. The default setting is string.

Remote Identity

Select the access point’s remote identifier used with this peer configuration for an IKE exchange
with the target VPN IPSec peer. Options include IP Address, Distinguished Name, FQDN, email
and string. The default setting is string.

IKE Policy Name

Select the IKEv1 or IKEv2 policy name (and settings) to apply to this peer configuration. If a
policy requires creation, select the Create icon.