brocade-communications-sy rfs6000 用户手册
Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide
233
53-1001931-01
Global Configuration commands
5
crypto
Use crypto to define system level local ID for ISAKMP negotiation and to enter the ISAKMP Policy,
ISAKMP Client or ISAKMP Peer command set.
ISAKMP Client or ISAKMP Peer command set.
NOTE
crypto isakmp(policy)Priority
moves to the
config-crypto-isakmp
instance. For more information, see
.
crypto isakmp client configuration group default
moves you to the
config-crypto-group
instance. For more details, see
crypto isakmp peer IP Address
moves to the
config-crypto-peer
.
crypto ipsec transformset <tag> <value>
leads you to
crypto-ipsec.
Use the crypto ipsec transform-set command to define the transform
configuration for securing data (for example, esp-3des, esp-sha-hmac, etc.). The transform-set is
assigned to a crypto map using the map’s set transform-set command. For more details, see
assigned to a crypto map using the map’s set transform-set command. For more details, see
crypto pki trustpoint
mode leads to the
config-trustpoint
instance. For more details, see
Supported in the following platforms:
•
Mobility RFS4000 Controller
•
Mobility RFS6000 Controller
•
Mobility RFS7000 Controller
Syntax
crypto
[ipsec|isakmp|key|map|pki]
crypto
ipsec [security-association|transform-set]
crypto ipsec security-association lifetime
[kilobyte|seconds] <lifetime>
crypto ipsec transform-set <transform-set-tag>
[ah-md5-hmac|ah-sha-hmac|esp-3des|esp-aes|esp-aes-192|
esp-aes-256|esp-des|esp-md5-hmac|esp-sha-hmac]
crypto
isakmp [client|keepalive|key|peer|policy]
crypto isakmp client configuration group default
crypto isakmp keepalive <10-3600>
crypto isakmp key [0 <secret>|2 <secret>|<secret>]
[address <IP>|hostname <HOST>]
crypto isakmp peer [address <IP>|dn <distinguished-name>|
hostname <HOST>]
crypto isakmp policy <1-10000>
crypto
key [export|generate|import|zeroize]
crypto key export rsa <rsa-keypair> <URL>
{<pass-phrase>}