Manualshelf

Installation guide

ManualsBrandsMotorola ManualsComputer equipmentRFS6000 - Wireless RF Switch
391392393394395396397398399400
Switch Security 6-75
6. Click the Add button to define the attributes of a new Crypto Map.
a. Assign a Seq # (sequence number) to distinguish one Crypto Map from the another.
b. Assign the Crypto Map a Name to differentiate from others with similar configurations.
c. Use the None, Domain Name or Host Name radio buttons to select and enter the fully qualified
domain name (FQDN) or host name of the host exchanging identity information.
d. Define a SA Lifetime (secs) to define an interval (in seconds) that (when expired) forces a new
association negotiation.
e. Define a SA Lifetime (Kb) to time out the security association after the specified traffic (in kilobytes)
has passed through the IPSec tunnel using the security association.
f. Use the ACL ID drop-down menu to permit a Crypto Map data flow using the permissions within the
selected ACL.
g. Use the PFS drop-down menu to specify a group to require perfect forward secrecy (PFS) in requests
received from the peer.
h. Use the Remote Type drop-down menu to specify a remote type (either XAuth or L2TP).
i. Use the Mode drop-down menu to specify a mode of Main or Aggressive. Aggressive mode
enables you to configure pre-shared keys as Radius tunnel attributes for IP Security (IPSec) peers.
j. Optionally select the SA Per Host checkbox to specify that separate IPSec SAs should be requested
for each source/destination host pair.
k. Optionally select the Mode Config checkbox to allow the new Crypto Map to be implemented using
the aggressive mode (if selected from the Mode drop-down menu).