Send documentation comments to mdsfeedback-doc@cisco.com.
Contents
xix
Cisco MDS 9000 Family Fabric Manager Configuration Guide
OL-6965-03, Cisco MDS SAN-OS Release 2.x
IPsec Prerequisites 29-2
IPsec Compatibility 29-3
About IPsec 29-3
About IKE 29-4
IPsec and IKE Terminology 29-4
Supported IPsec Transforms 29-5
Supported IKE Transforms and Algorithms 29-6
Supported Algorithms for Windows and Linux Platforms 29-7
Enabling IPsec Using FCIP Wizard 29-7
Modifying IKE and IPsec 29-8
Crypto ACL Guidelines 29-9
Mirror Image Crypto ACLs 29-10
The any Keyword in Crypto ACLs 29-12
Configuring Crypto IP-ACLs 29-12
Transform Sets 29-12
Crypto Map Entries 29-13
SA Establishment Between Peers 29-14
The AutoPeer Option 29-14
SA Lifetime Negotiation 29-15
Perfect Forwarding Secrecy 29-15
Creating or Modifying Crypto Maps 29-15
Applying a Crypto Map Set to an Interface 29-16
IPsec Maintenance 29-17
Global Lifetime Values 29-17
CHAPTER
30 FC-SP and DHCHAP 30-1
Fibre Channel Security Protocol 30-1
About DHCHAP 30-2
DHCHAP Compatibility with Existing Cisco MDS Features 30-3
Configuring DHCHAP Authentication 30-3
Enabling DHCHAP 30-3
Configuring DHCHAP Authentication Modes 30-4
Changing the DHCHAP Hash Algorithm 30-5
Changing DHCHAP Group Settings 30-5
Configuring the DHCHAP Password 30-6
Configuring the DHCHAP Password for the Local Switch 30-7
Configuring Remote Passwords for Other Devices 30-7
Setting the DHCHAP Timeout Value 30-8
Configuring DHCHAP AAA Authentication 30-8