HP StorageWorks Fabric OS 5.3.x administrator guide (5697-0244, November 2009)
Fabric OS 5.3.0 administrator guide 409
DH_Group The Diffie-Hellman group. Supported groups are Group 1 and Group 14. Group
1 is the default.
secs The security association lifetime in seconds. 28800 is the default.
The following example shows how to create IKE policy number 10 using 3DES encryption, MD5
authentication, and Diffie-Hellman Goup 1:
For a complete description of the policy command, see the Fabric OS Command Reference Manual.
To display policy settings
1. To display the settings for a single policy, type:
policy --show type number
For example, to view the IPSec 1 policy, type:
policy --show ipsec 1
2. To display the policy settings for all defined policies, type:
policy --show type all
The example below shows all of the IKE policies defined; in this example, there are two IKE policies.
Policies cannot be modified. You must delete and then recreate a policy with the newly-determined
parameters.
To delete a policy
1. Log in to the switch as admin.
2. At a command prompt, type:
policy --delete type number
where type is the policy type and number is the number assigned.
switch:admin06> policy --create ike 10 -enc 3des -auth md5 -dh 1
The following policy has been set:
IKE Policy 10
-----------------------------------------
Authentication Algorithm: MD5
Encryption: 3DES
Perfect Forward Secrecy: on
Diffie-Hellman Group: 1
SA Life (seconds): 28800
Operation Succeeded
switch:admin06> policy --show ike all
IKE Policy 1
-----------------------------------------
Authentication Algorithm: MD5
Encryption: UNKNOWN
Perfect Forward Secrecy: off
Diffie-Hellman Group: 1
SA Life (seconds): 0
IKE Policy 32
-----------------------------------------
Authentication Algorithm: SHA-1
Encryption: AES-128
Perfect Forward Secrecy: on
Diffie-Hellman Group: 1
SA Life (seconds): 28800
Operation Succeeded