1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Switch
  5. MDS 9000 Series
  6. Manual

Cisco MDS 9000 Manual page 2

Hide thumbs Also See for MDS 9000:
Table of Contents

Advertisement

Overview
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
IPsec and IKE are not supported by the Cisco Fabric Switch HP c-Class BladeSystem and the Cisco
Note
Fabric Switch for IBM BladeCenter.
IPsec features are compatible with the following fabric setup:
Note
Cisco MDS IKEv2 will not interoperate with other IKEv2 implementations.
Supported IPsec and IKE Algorithms for Microsoft Windows and Linux
Platforms
Table 22-2
algorithms on the Microsoft Windows and Linux platforms.
Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x
22-2
Two connected Cisco MDS 9200 switches or Cisco MDS 9500 directors running Cisco MDS
SAN-OS Release 2.0(1b) or later.
A Cisco MDS 9200 switches or Cisco MDS 9500 directors running Cisco MDS SAN-OS Release
2.0(1b) or later connected to any IPsec compliant device.
The following features are not supported in the Cisco SAN-OS implementation of the IPsec feature:
Authentication Header (AH).
Transport mode.
Security association bundling.
Manually configuring security associations.
Per host security association option in a crypto map.
Security association idle timeout
Dynamic crypto maps.
IPv6
Any reference to crypto maps in this document only refers to static crypto maps.
Note
For IPsec to interoperate effectively with Microsoft iSCSI initiators, specify the TCP protocol and
the local iSCSI TCP port number (default 3260) in the IPv4-ACL. This configuration ensures the
speedy recovery of encrypted iSCSI sessions following disruptions such as Gigabit Ethernet
interfaces shutdowns, VRRP switchovers, and port failures. The following example of a IPv4-ACL
entry shows that the MDS switch IPv4 address is 10.10.10.50 and remote Microsoft host running
encrypted iSCSI sessions is 10.10.10.16:
switch(config)# ip access-list aclmsiscsi2 permit tcp 10.10.10.50 0.0.0.0 range port
3260 3260 10.10.10.16 0.0.0.0
lists the supported and verified settings for IPsec and IKE encryption authentication
Chapter 22
Troubleshooting IPsec
OL-9285-05

Advertisement

Table of Contents
loading

Related Manuals for Cisco MDS 9000

Related Products for Cisco MDS 9000

Table of Contents