Configuring The Keepalive Time For A Peer - Cisco AP775A - Nexus Converged Network Switch 5010 Configuration Manual
Fabric manager configuration guide, release 4.x
Hide thumbs
Also See for AP775A - Nexus Converged Network Switch 5010:
- Reference (886 pages) ,
- Command reference manual (792 pages) ,
- Configuration manual (760 pages)
Table of Contents
Chapter 44
Configuring IPsec Network Security
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Note
Caution
The keepalive time only applies to IKEv2 peers and not to all peers.
Tip
When IPsec implementations in the host prefer to initiate the IPsec rekey, be sure to configure the IPsec
Note
lifetime value in the Cisco MDS switch to be higher than the lifetime value in the host.
This section includes the following topics:
•
•
•
•
Configuring the Keepalive Time for a Peer
To configure the keepalive time for each peer using Fabric Manager, follow these steps:
Step 1
Expand Switches > Security and then select IKE.
You see the IKE configuration in the Information pane (see
OL-17256-03, Cisco MDS NX-OS Release 4.x
Only IKE v1 is supported to build IPsec between 2.x and 3.x MDS switches.
You may need to configure the initiator version even when the switch does not behave as an
IKE initiator under normal circumstances. Always using this option guarantees a faster
recovery of traffic flows in case of failures.
Configuring the Keepalive Time for a Peer, page 44-17
Configuring the Initiator Version, page 44-18
Clearing IKE Tunnels or Domains, page 44-20
Refreshing SAs, page 44-20
Figure
44-11).
Cisco MDS 9000 Family Fabric Manager Configuration Guide
Optional IKE Parameter Configuration
44-17
Hide quick links:
Table of Contents
Troubleshooting
