Crypto IPv4-ACLs
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Figure 44-28
Click the CryptoMap Set Entry tab.
Step 2
You see the existing crypto maps configured in
Figure 44-29
Check or uncheck the AutoPeer option for the selected crypto map set entry.
Step 3
Click Apply Changes to save your changes.
Step 4
About Perfect Forward Secrecy
To specify SA lifetime negotiation values, you can also optionally configure the perfect forward secrecy
(PFS) value in the crypto map.
The PFS feature is disabled by default. If you set the PFS group, you can set one of the DH groups: 1,
2, 5, or 14. If you do not specify a DH group, the software uses group 1 by default.
Cisco MDS 9000 Family Fabric Manager Configuration Guide
44-34
IPsec Configuration
Existing Crypto Maps
Chapter 44
Configuring IPsec Network Security
Figure
44-29.
OL-17256-03, Cisco MDS NX-OS Release 4.x