type and number
The following example shows how to create IKE policy number 10 using 3DES encryption, MD5
authentication, and Diffie-Hellman Group 1:
switch:admin> policy --create ike 10 -enc 3des -auth md5 -dh 1
The following policy has been set:
IKE Policy 10
Authentication Algorithm: MD5
Perfect Forward Secrecy: on
Diffie-Hellman Group: 1
SA Life (seconds): 28800
Displaying IKE and IPsec policy settings
Connect to the switch and log in using an account assigned to the admin role.
Display the settings for a single policy by entering the following command:
policy --show type number
For example, to view the IPsec 1 policy, type:
policy --show ipsec 1
Display the policy settings for all defined policies by entering the following command:
policy --show type all
The type of policy being created (IKE or IPsec) and the number for this type of policy. To easily
determine how many policies have been created, consider using sequential numbering. The
range of valid values is any whole number from 1 through 32.
The supported type of encryption. Valid options are 3DES, AES- 1 28, and AES-256. AES- 1 28 is
The authentication algorithm. Valid options are SHA-1, MD5, and AES-XCBC (IPsec only).
SHA- 1 is the default.
The Diffie-Hellman group. Supported groups are Group 1 and Group 14. Group 1 is the
The security association lifetime in seconds. 28800 is the default.
Fabric OS 6.2 administrator guide 463