Step by step wizard – Brocade Mobility Access Point System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

53-1003100-01

Provide the following information to configure a VPN tunnel:

Click the Save button to save the VPN Tunnel configuration. To exit without saving, click Cancel.

Step By Step Wizard

Overriding General Security Settings

The Quick Setup Wizard creates a VPN connection with minimum manual configuration. Default
values are retained for most of the parameters.

The Step-By-Step wizard creates a VPN connection with more manual configuration than the Quick
Setup Wizard. Use this wizard to manually configure Access Control Lists, IKE Policy, and Transform
Sets to customize the VPN Tunnel.

Select the Step-By-Step Wizard option from the VPN screen.

Click the Start button. The following screen displays:

Tunnel Name

Provide a name for the tunnel. Choose a name that easily and uniquely identifies the tunnel.

Tunnel Type

Configure the tunnel type as one of the following:

Site-to-Site – Provides a secured connection between two sites.

Remote Access – Provides remote devices with access to a network.

Select Interface

Configure the interface for creating the tunnel. The following options are available:

VLAN – Configures the tunnel over a Virtual LAN interface. Use the spinner to configure the
VLAN number.

WWLAN – Configures the tunnel over the WWLAN interface.

PPPoE – Configures the tunnel over the PPPoE interface.

Traffic Selector (ACL)

Configure ACLs that manage the traffic passing through the VPN Tunnel.

Source – Provide the source network along with its mask.

Destination – Provide the destination network along with its mask.

Peer

Configures the peer for this tunnel. The peer device can be specified either by its hostname or by its
IP address.

Authentication

Configure the authentication used to identify peers. The following can be configured:

Certificate – Use a certificate to authenticate.

Pre-Shared Key – Use a pre-shared key to authenticate.

Local Identity

Configure the local identity used with peer configuration for an IKE exchange with the target VPN
IPSec peer. Options include IP Address, Distinguished Name, FQDN, email and string. The default
setting is string.

Remote Identity

Configure the access point remote identifier for an IKE exchange with the target VPN IPSec peer.
Options include IP Address, Distinguished Name, FQDN, email and string. The default setting is
string.

IKE Policy

Configure the IKE policy to use. IKE is used to exchange authentication keys. Select one of the
following:

All – Uses any IKE policy.

IKE1 – Uses IKE 1 only.

IKE2 – Uses IKE 2 only.

Transform Set

Configure the transform set used to specify how traffic is protected within the crypto ACL defining
the traffic that needs to be protected. Select the appropriate traffic set from the drop-down menu.