Cisco MDS 9000 Family Fabric Manager Configuration Guide
OL-17256-03, Cisco MDS NX-OS Release 4.x
Chapter 44 Configuring IPsec Network Security
Figure 44-16 IKE Configuration
Step 2 Click the Pre-Shared AuthKey tab in the Information pane.
Step 3 Click Refresh Values.
Crypto IPv4-ACLs
IP access control lists (IPv4-ACLs) provide basic network security to all switches in the Cisco MDS
9000 Family. IPv4 IP-ACLs restrict IP-related traffic based on the configured IP filters. See Chapter 42,
“Configuring IPv4 and IPv6 Access Control Lists,” for details on creating and defining IPv4-ACLs.
In the context of crypto maps, IPv4-ACLs are different from regular IPv4-ACLs. Regular IPv4-ACLs
determine what traffic to forward or block at an interface. For example, IPv4-ACLs can be created to
protect all IP traffic between subnet A and subnet Y or Telnet traffic between host A and host B.
This section contains the following topics:
• About Crypto IPv4-ACLs, page 44-22
• Creating Crypto IPv4-ACLs, page 44-25
• About Transform Sets in IPsec, page 44-25
• Configuring Transform Sets, page 44-26
• About Crypto Map Entries, page 44-28
• Creating Crypto Map Entries, page 44-29
• About SA Lifetime Negotiation, page 44-30
• Setting the SA Lifetime, page 44-31
• About the AutoPeer Option, page 44-32
• Configuring the AutoPeer Option, page 44-33
• About Perfect Forward Secrecy, page 44-34