Ipsec Over Management Ports; Enabling The Ethernet Ipsec Policies; Establishing An Ike Policy - Brocade Communications Systems 8 Administrator's Manual

17

IPsec over management ports

4. Assign a policy number.
5. Select the Encryption Algorithm used in this policy.
6. Select an Authentication Algorithm for this policy.
7.

IPsec over management ports

IPsec can be applied to the management port on a switch or a CP blade to establish a secure
connection between a PC or workstation and Web Tools. The connection can be used as a virtual
private network (VPN) interface to Web Tools.
At a high level, the steps to take are:
•
•
•
•
•
•
•

Enabling the Ethernet IPsec policies

Use the following procedure to access the Ethernet IPsec Policies dialog box.
1. Open the Switch Administration window.
2. Select Show Advanced Mode.
3. Select the Security Policies tab.
4. Under Security Policies, select Ethernet IPsec.
5. Ethernet IPsec policies can be configured only after enabling IPsec by clicking the Enable

Establishing an IKE policy

When you establish an IKE policy, you identify a set of algorithms and authentication rules and
parameters to use in a key exchange. Refer to the Fabric OS Administrator's Guide for details on
IKE functionality.
236
DRAFT: BROCADE CONFIDENTIAL
The Policy Number selector allows you to select a number between 1 and 32.
The choices are 3DES, AES-128, and AES_256.
The choices are SHA-1, MD5, and AES-XCBC. The remaining three fields are grayed out. They
apply only to IKE policies.
Click OK.
Access the Ethernet IPsec Policies dialog box.
Enable IPsec.
Create an IKE policy for authentication.
Create an security association (SA).
Create an SA proposal.
Add a IPsec Transform policy, referencing the IKE policy and the SA proposal.
Add an IPsec selector that allows you to apply a Transform policy to a specific IP flow.
The Ethernet IPsec Policies screen displays.
button below the Ethernet IPsec policies table.
Web Tools Administrator's Guide
53-1001772-01