Dell Brocade 300 Web Tools Administrator's Guide v7.1.0 - Page 226
Manually creating an SA, Traffic Flow Direction
Page 226 highlights
15 IPsec over management ports

The Add Selector dialog box displays.

3. Enter a name in the Selector Name field.
4. Select the Traffic Flow Direction (in or out). IPsec policies are unidirectional, and must be applied separately to inbound and outbound flows.
5. Enter the IP address of the sender in the Source IP Address field.
6. Enter the IP address of the receiver in the Peer IP Address field.
7. Enter the Transform Name value.
8. The Protocol Name selector allows you to select a specific protocol.
9. Click OK.

Manually creating an SA

Part of manually creating a security association (SA) is to select an IPsec Protection Type. The choices are discard, bypass, and protect:

• Discard causes data packets to be rejected if there is an invalid pair of source and destination addresses or invalid port addresses.
• Bypass allows a data packet to be transmitted or received without IPsec protection.
• Process indicates a data packet is processed using IPsec encryption, IKE authentication, or both, using encapsulation security protocol (ESP) processing, or authentication header (AH) protocol processing.

To manually create an SA, perform the following steps.

1. Select the SA(Manual) tab.
2. Select Add. The Add Manual-SA dialog box displays.
3. Enter a security parameter index number in the SPI (Hexadecimal) field. The SPI must be manually applied when manually adding an SA.
4. Enter the IP address of the endpoint that sends the SA in the Source IP Address field.
5. Enter the IP address of the endpoint that receives the SA in the Peer IP Address field.
6. Select the protocol used to carry the transmission using the Protocol Name selector.
7. Select the Traffic Flow Direction (in or out). IPsec policies are unidirectional, and must be applied separately to inbound and outbound flows.
   - For the flow from peer to source, select in.
   - For the flow from source to peer, select out.
8. Select the IPsec Mode. The choices are Transport or Tunnel. Refer to "Transport mode and tunnel mode" on page 189 if you are unfamiliar with Transport and Tunnel modes.
9. Select the IPsec Protocol.

198 Web Tools Administrator's Guide 53-1002756-01
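Because manual SAs are entered one direction at a time, it helps to review the planned entries before typing them into the Add Manual-SA dialog box. The following Python check is an added example, not part of the Dell/Brocade guide or of Web Tools; the dictionary field names, the sample addresses and the protocol value are assumptions made for illustration, and the SPI range check follows RFC 4303.

```python
import ipaddress
from collections import defaultdict

# Constructed sample plan; field names and values are illustrative only.
PLAN = [
    {"name": "sa-out", "spi": "0x1000", "source": "192.0.2.10",
     "peer": "192.0.2.20", "protocol": "tcp", "direction": "out"},
    {"name": "sa-in", "spi": "0x1001", "source": "192.0.2.10",
     "peer": "192.0.2.20", "protocol": "tcp", "direction": "in"},
    {"name": "sa-mgmt", "spi": "ff", "source": "192.0.2.10",
     "peer": "192.0.2.30", "protocol": "tcp", "direction": "out"},
]

def check_manual_sas(entries):
    """Return a list of problems found in a planned set of manual SAs."""
    problems = []
    flows = defaultdict(set)  # (source, peer, protocol) -> directions seen
    for e in entries:
        name = e["name"]
        try:
            spi = int(e["spi"], 16)  # the SPI field is hexadecimal
        except ValueError:
            problems.append(f"{name}: SPI {e['spi']!r} is not hexadecimal")
        else:
            # RFC 4303: the SPI is 32 bits; 0 is for local use only and
            # 1-255 are reserved by IANA.
            if not 0x100 <= spi <= 0xFFFFFFFF:
                problems.append(f"{name}: SPI {spi:#x} is reserved or out of range")
        for field in ("source", "peer"):
            try:
                ipaddress.ip_address(e[field])
            except ValueError:
                problems.append(f"{name}: {field} {e[field]!r} is not an IP address")
        if e["direction"] not in ("in", "out"):
            problems.append(f"{name}: direction must be 'in' or 'out'")
            continue
        key = (e["source"], e["peer"], e["protocol"])
        if e["direction"] in flows[key]:
            problems.append(f"{name}: duplicate '{e['direction']}' SA for {key}")
        flows[key].add(e["direction"])
    # Entries are unidirectional: each source/peer pair needs an 'in' and an 'out'.
    for (source, peer, protocol), seen in flows.items():
        for missing in sorted({"in", "out"} - seen):
            problems.append(f"{source} <-> {peer} ({protocol}): no '{missing}' SA defined")
    return problems

if __name__ == "__main__":
    for problem in check_manual_sas(PLAN):
        print(problem)
```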