HP StorageWorks 4/64 Brocade Fabric OS Command Reference Manual v6.2.0 (53-100 - Page 555
policy, Internet protocol security.
View all HP StorageWorks 4/64 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 555 highlights
policy 2 policy Synopsis Displays or modifies the encryption and authentication algorithms for security policies. policy option type number [-enc method] [-auth algorithm] [-pfs value] [-dh group] [-seclife seconds] Description Use this command to display or modify the encryption and authentication algorithms for security policies. You can configure a maximum of 32 Internet key exchange (IKE) and 32 Internet protocol security (IPSec) policies. Each FCIP tunnel is configured separately and may have the same or different IKE and IPSec policies. Policies cannot be altered. To change the parameters associated with a current IKE or IPSec policy, that policy must be deleted and re-created with new parameters. A policy cannot be deleted while an active FCIP tunnel is using it. Note The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in place. Refer to chapter 1, "Using Fabric OS commands" and Appendix A, "Command Availability" for details. Operands Optional Operands The following operands are required: option Specifies the action to take. Actions include: --create Creates the policy. --delete Deletes the policy. --show type Displays the policy. Specifies the policy type. Types include: ike Internet key exchange. ipsec number Internet protocol security. Specifies the numeric ID of the policy. Valid values are 1 to 32, and ALL with the --show option. -enc method 3DES AES-128 AES-256 -auth algorithm SHA-1 MD5 AES-XCBC -pfs value Specifies the encryption algorithm. The default is AES-128. Methods include: Triple data encryption standard, 168-bit key. Advanced encryption standard, 128-bit key. Advanced encryption standard, 256-bit key. Specifies the authentication algorithm. The default is SHA-1. Algorithms include: Secure hash algorithm. Message digest 5. Advanced encryption standard. Valid only with IPSec. Specifies the perfect forward secrecy. This operand is valid only with IKE policies. Values are on (default) or off. Fabric OS Command Reference 527 53-1001186-01