Controller Security
Summit WM3000 Series Controller System Reference Guide394
3 Refer to the following read-only information displayed within the Interfaces tab.
4 Click the Assign Interface button to assign a Crypto Map to each interface through which IPSec traffic
flows.
Assigning the Crypto Map set to an interface instructs the security appliance to evaluate all the
traffic against the Crypto Map set and use the specified policy during connection or SA negotiation.
Assigning a Crypto Map to an interface also initializes run-time data structures (such as the SA
database and the security policy database). Reassigning a modified Crypto Map to the interface
resynchronizes the run-time data structures with the Crypto Map configuration. Also, adding new
peers through the new sequence numbers and reassigning the Crypto Map does not break existing
connections.
Viewing IPSec Security Associations
Refer to the IPSec SAs tab to review the various security associations (SAs) between the local and remote
peers comprising an IPSec VPN connection. The IPSec SA tab displays the authentication and
encryption schemes used between the VPN peers as well other device address information.
To display IPSec VPN security associations:
Name
Lists the name of the Crypto Maps available for the interface.
Interface Name
Displays the name of the interface through which IPSec traffic flows.
Applying the Crypto Map set to an interface instructs the controller to
evaluate all the interface's traffic against the Crypto Map set and to use
the specified policy during connection or security association negotiation
on behalf of traffic protected by crypto (either CET or IPSec).
To Next Page
Loading...