Reference Guide

448 Brocade Fabric OS Command Reference
53-1004112-02
ipSecConfig
-direction in | out
Specifies traffic flow direction as inbound or outbound.
-mode tunnel | transport
Specifies the IPSec mode. In tunnel mode, the IP datagram is fully encapsulated by a
new IP datagram using the IPSec protocol. In transport mode, only the payload of the
IP datagram is handled by the IPSec protocol; it inserts the IPSec header between the
IP header and the upper-layer protocol header.
-enc algorithm
Specifies the encryption algorithm. Valid encryption algorithms include the following:
    3des_cbc - 3DES algorithm
    null_enc - Null encryption algorithm (cleartext)
-auth algorithm
Specifies the authentication algorithm. Valid authentication algorithms include the
following:
    hmac_md5 - MD5 algorithm
    hmac_sha1 - SHA1 algorithm
-enc-key number
Specifies the encryption key. This is a user-generated key whose length depends on the
encryption algorithm. Use the Linux random key generator or any other comparable
third-party utility to generate the manual SA keys. Refer to the Fabric OS
Administrator's Guide for details.
    A 192-bit value for the 3des_cbc encryption algorithm, for example,
    0x96358c90783bbfa3d7b196ceabe0536b
    A zero-bit value for the null_enc encryption algorithm.
-auth-key number
Specifies the authentication key. This is a user-generated key whose length depends on
the authentication algorithm. Valid keys include the following:
    A 128-bit value for the hmac_md5 authentication algorithm.
    A 160-bit value for the hmac_sha1 authentication algorithm.
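The following is an added example, not part of the Brocade guide: a small shell helper that generates manual SA keys of the lengths listed under -enc-key and -auth-key and checks a key's length before it is typed into the command. The function names are hypothetical, and /dev/urandom is assumed to be the Linux random source the text refers to.

```shell
#!/bin/sh
# Added example. Key sizes are the ones this page lists for manual SA keys.

# sa_key_bits ALGO -> required key length in bits; non-zero status if unknown
sa_key_bits() {
    case "$1" in
        3des_cbc)  echo 192 ;;
        null_enc)  echo 0 ;;
        hmac_md5)  echo 128 ;;
        hmac_sha1) echo 160 ;;
        *) echo "unknown algorithm: $1" >&2; return 1 ;;
    esac
}

# gen_sa_key ALGO -> prints 0x<hex> read from the kernel CSPRNG
gen_sa_key() {
    bits=$(sa_key_bits "$1") || return 1
    [ "$bits" -eq 0 ] && return 0   # null_enc takes a zero-bit key: nothing to generate
    hex=$(od -An -v -tx1 -N "$((bits / 8))" /dev/urandom | tr -d ' \n')
    printf '0x%s\n' "$hex"
}

# check_sa_key ALGO KEY -> status 0 only if KEY is hex of exactly the listed length
check_sa_key() {
    bits=$(sa_key_bits "$1") || return 1
    hex=${2#0x}
    case "$hex" in
        *[!0-9a-fA-F]*) echo "$1: key is not hexadecimal" >&2; return 1 ;;
    esac
    got=$(( ${#hex} * 4 ))          # each hex digit carries 4 bits
    if [ "$got" -ne "$bits" ]; then
        echo "$1: key is $got bits, expected $bits" >&2
        return 1
    fi
}
```

Source the file, then run, for example, gen_sa_key hmac_sha1 and check_sa_key 3des_cbc "$key". The sample value printed under -enc-key has 32 hexadecimal digits (128 bits), so check_sa_key rejects it for 3des_cbc.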
The following operands are optional:
tunnel-local ipaddress
Specifies the local tunnel IPv4 or IPv6 address.
tunnel-remote ipaddress
Specifies the peer tunnel IPv4 or IPv6 address.