Crypto Ipv4-Acls - HP Cisco MDS 9216 - Fabric Switch Configuration Manual

Chapter 44 Configuring IPsec Network Security
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Figure 44-16
Click the Pre-Shared AuthKey tab in the Information pane.
Step 2
Click the Refresh Values.
Step 3

Crypto IPv4-ACLs

IP access control lists (IPv4-ACLs) provide basic network security to all switches in the Cisco MDS
9000 Family. IPv4 IP-ACLs restrict IP-related traffic based on the configured IP filters. See
"Configuring IPv4 and IPv6 Access Control Lists"
In the context of crypto maps, IPv4-ACLs are different from regular IPv4-ACLs. Regular IPv4-ACLs
determine what traffic to forward or block at an interface. For example, IPv4-ACLs can be created to
protect all IP traffic between subnet A and subnet Y or Telnet traffic between host A and host B.
This section contains the following topics:
•
•
•
•
•
•
•
•
•
•
•
OL-16184-01, Cisco MDS SAN-OS Release 3.x
IKE Configuration
About Crypto IPv4-ACLs, page 44-22
Creating Crypto IPv4-ACLs, page 44-25
About Transform Sets in IPsec, page 44-25
Configuring Transform Sets, page 44-26
About Crypto Map Entries, page 44-28
Creating Crypto Map Entries, page 44-29
About SA Lifetime Negotiation, page 44-30
Setting the SA Lifetime, page 44-31
About the AutoPeer Option, page 44-32
Configuring the AutoPeer Option, page 44-33
About Perfect Forward Secrecy, page 44-34
for details on creating and defining IPv4-ACLs.
Cisco MDS 9000 Family CLI Configuration Guide
Crypto IPv4-ACLs
Chapter 42,
44-21