HP StorageWorks Fabric OS 6.1.1 administrator guide (5697-0235, December 2009)
392 Configuring and monitoring FCIP extension services
The following example shows how to create IKE policy number 10 using 3DES encryption, MD5
authentication, and Diffie-Hellman Goup 1:
For a complete description of the policy command, see the Fabric OS Command Reference.
To display IKE and IPSec policy settings:
1. Connect to the switch and log in using an account assigned to the admin role.
2. Issue the following command:
policy --show type number
For example, to view the IPSec 1 policy:
policy --show ipsec 1
3. To display the policy settings for all defined policies:
policy --show type all
The following example shows all of the IKE policies defined; in this example, there are two IKE policies.
Policies cannot be modified. You must delete and then re-create a policy with the new parameters.
To delete a policy:
1. Log in to the switch as admin.
2. Issue the following command:
policy --delete type number
switch:admin06> policy --create ike 10 -enc 3des -auth md5 -dh 1
The following policy has been set:
IKE Policy 10
-----------------------------------------
Authentication Algorithm: MD5
Encryption: 3DES
Perfect Forward Secrecy: on
Diffie-Hellman Group: 1
SA Life (seconds): 28800
Operation Succeeded
switch:admin06> policy --show ike all
IKE Policy 1
-----------------------------------------
Authentication Algorithm: MD5
Encryption: 3DES
Perfect Forward Secrecy: off
Diffie-Hellman Group: 1
SA Life (seconds): 0
IKE Policy 32
-----------------------------------------
Authentication Algorithm: SHA-1
Encryption: AES-128
Perfect Forward Secrecy: on
Diffie-Hellman Group: 1
SA Life (seconds): 28800
Operation Succeeded