Configuring ipsec and ike policies – Brocade Network Advisor SAN + IP User Manual v12.3.0 User Manual
Page 1324
1252
Brocade Network Advisor SAN + IP User Manual
53-1003155-01
Configuring FCIP tunnel advanced settings
27
Configuring IPsec and IKE policies
IPsec and IKE policies are configured from the Security tab. The options and procedures are
platform-dependent.
Figure 547
on page 1252 shows the Security tab for the 8 Gbps Extension
Switch and 8 Gbps Extension Blade.
1. Select Advanced Settings on the Add FCIP Tunnel or Edit FCIP Tunnel dialog box to display the
Advanced Settings dialog box.
2. Select the Security tab.
FIGURE 547
Advanced Settings Security Tab for the 8 Gbps Extension Switch and Blade
3. As an option, click Ensure connecting peer switches have known WWNs. This provides an
added measure of security.
4. Enter the WWN for the remote switch.
5. Assign IKE and IPsec policies. For the 4 Gbps Extension Switch and Blade, you must choose
from a list of policies. The 8 Gbps Extension Switch and Blade have predefined IKE and IPsec
policies. These policies are enabled by selecting the Enable IPSec check box. Matching policies
are applied to the remote switch. Note that the Enable IPSec check box is unavailable while
editing the tunnels because the IPsec settings cannot be edited for the secured tunnels.
NOTE
IPsec settings cannot be edited. If you want to change settings, you must delete the tunnel and
then create a new tunnel with the new settings.
6. In the PreShared Key field, specify the key for IKE authentication. Use the following
specifications, depending on your extension platform:
•
For the 4 Gbps Extension Switch and Blade and the 8 Gbps Extension Blade, the key value
must be from 12 through 32 alphanumeric characters. The length depends on the chosen
IKE policy.