About Perfect Forward Secrecy - Cisco AP775A - Nexus Converged Network Switch 5010 Configuration Manual

Crypto IPv4-ACLs
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Figure 44-28
Click the CryptoMap Set Entry tab.
Step 2
You see the existing crypto maps configured in
Figure 44-29
Check or uncheck the AutoPeer option for the selected crypto map set entry.
Step 3
Click Apply Changes to save your changes.
Step 4

About Perfect Forward Secrecy

To specify SA lifetime negotiation values, you can also optionally configure the perfect forward secrecy
(PFS) value in the crypto map.
The PFS feature is disabled by default. If you set the PFS group, you can set one of the DH groups: 1,
2, 5, or 14. If you do not specify a DH group, the software uses group 1 by default.
Cisco MDS 9000 Family Fabric Manager Configuration Guide
44-34
IPsec Configuration
Existing Crypto Maps
Chapter 44 Configuring IPsec Network Security
Figure 44-29.
OL-17256-03, Cisco MDS NX-OS Release 4.x