Dell Brocade G620 Brocade 8.0.1 Fabric OS Command Reference - Page 468
Defines the Security Association. An SA specifies the IPSec protocol AH or ESP,
![]() |
View all Dell Brocade G620 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 468 highlights
ipSecConfig 444 sa-proposal Defines the security associations (SA) proposal, including name, SAs to be included and lifetime of the proposal. The following operands are supported: -tag name Specifies a name for the SA proposal. This is a user-generated name. The name must be between 1 and 32 characters in length, and may include alphanumeric characters, dashes (-), and underscores (_). -sa name[,name] Specifies the SAs to include in the SA proposal. The bundle consists of one or two SA names, separated by commas. For SA bundles, [AH, ESP] is the supported combination. The SAs must be created prior to being included in the SA proposal. This operand is required. -lttime number Specifies the SA proposal's lifetime in seconds. This operand is optional. If a lifetime is not specified, the SA does not expire. If lifetime is specified both in seconds and in bytes, the SA expires when the first expiration criterion is met. -ltbyte number Specifies the SA proposal's lifetime in bytes. The SA expiries after the specified number of bytes have been transmitted. This operand is optional. sa Defines the Security Association. An SA specifies the IPSec protocol (AH or ESP), the algorithms used for encryption and authentication, and the expiration definitions used in security associations of the traffic. IKE uses these values in negotiations to create IPSec SAs. You cannot modify an SA once it is created. Use ipsecConfig --flush manual-sa to remove all SA entries from the kernel SA database (SADB) and start over. -tag name Specifies a name for the SA. This is a user-generated name. The name must be between 1 and 32 characters in length, and may include alphanumeric characters, dashes (-), and underscores (_). This operand is required. -protocol ah | esp Specifies the IPSec protocol. Encapsulating Security Payload (ESP) provides confidentiality, data integrity and data source authentication of IP packets, and protection against replay attacks. Authentication Header (AH) provides data integrity, data source authentication, and protection against replay attacks but, unlike ESP, does not provide confidentiality. This operand is required. -auth algorithm Specifies the authentication algorithm. This operand is required. Valid algorithms include the following: hmac_md5 MD5 authentication algorithm hmac_sha1 SHA1 authentication algorithm Brocade Fabric OS Command Reference 53-1004112-02
![](/manual_guide/products/dell-brocade-g620-brocade-801-fabric-os-command-reference-c7958e0/468.png)