Fabric OS FCIP Administrators Guide v6.4.0 (53-1001766-01, November 2010)
Fabric OS FCIP Administrator’s Guide 49
53-1001766-01
IPSec implementation over FCIP
3
IKE Policy 10
-----------------------------------------
Authentication Algorithm: MD5
Encryption: 3DES
Perfect Forward Secrecy: on
Diffie-Hellman Group: 1
SA Life (seconds): 28800
Operation Succeeded
Displaying IKE and IPsec policy settings
1. Connect to the switch and log in using an account assigned to the admin role.
2. Display the settings for a single policy by entering the following command:
policy --show
type
number
For example, to view the IPsec 1 policy, type:
policy --show ipsec 1
3. Display the policy settings for all defined policies by entering the following command:
policy --show
type
all
The example below shows all of the IKE policies defined; in this example, there are two IKE
policies.
switch:admin> policy --show ike all
IKE Policy 1
-----------------------------------------
Authentication Algorithm: MD5
Encryption: 3DES
Perfect Forward Secrecy: off
Diffie-Hellman Group: 1
SA Life (seconds): 0
IKE Policy 32
-----------------------------------------
Authentication Algorithm: SHA-1
Encryption: AES-128
Perfect Forward Secrecy: on
Diffie-Hellman Group: 1
SA Life (seconds): 28800
Operation Succeeded
Deleting an IKE and IPsec policy
Policies cannot be modified. You must delete and then recreate a policy with the new parameters.
1. Connect to the switch and log in using an account assigned to the admin role.
2. Enter the following command.
policy --delete
type
number