To configure an NGE domain
Steps
1 |
Choose Manage→Network Group Encryption from the NFM-P main menu. The Manage Network Group Encryption form opens. |
2 |
Choose Key Group from the drop-down menu and click Search. The NFM-P NGE key groups are listed. |
3 |
Select a key group and click Properties. The Key Group (Edit) form opens. |
4 |
Click on the Encryption tab. |
5 |
Click on the NGE Domains sub-tab. |
6 |
Choose an NGE domain and click Properties. The NGE Domain (Edit) form opens. |
7 |
Add one or more managed sites to the domain:
When two or more sites are added to the domain, the L3 Router Interfaces in the same subnet will be populated in the L3 Router Interfaces tab. The Ethernet ports associated with interfaces in the L3 Router Interfaces tab will be populated in the L2 Ethernet Ports tab. You can add unmanaged sites to a domain; see To add unmanaged sites to an NGE domain. |
8 |
If needed, add interfaces or ports to the domain manually. When an L3 Router Interface is added, the Ethernet ports associated with the interface will be populated in the L2 Ethernet Ports tab. To add an interface or port manually: The objects are added to the domain. |
9 |
If needed, you can bind a manually created ACL IP Exception filter to an L3 interface for L3 encryption exemption. See To configure an ACL IP exception filter policy to create the policy. To bind an ACL IP Exception Filter to a gateway L3 interface:
|
10 |
To apply the NGE encryption keys to one or more objects:
|
11 |
To disable encryption on one or more objects:
|
12 |
To remove a port or interface from the domain:
|
13 |
To remove a site from the domain:
|
14 |
To delete a domain:
|
15 |
Close the forms. End of steps |