Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 623

Advertising
background image

610

Brocade Mobility RFS Controller CLI Reference Guide

53-1003098-01

7

write Write running configuration to memory or terminal

rfs4000-229D58(config-device-00-23-68-22-9D-58-cryptomap-test#1)#

To navigate to the remote VPN client configuration instance, use the following command:

In the device-config mode:

<DEVICE>(config-device-<DEVICE-MAC>)#crypto map <CRYPTO-MAP-TAG> <1-1000>

ipsec-isakmp

{dynamic}

In the profile-config mode:

<DEVICE>(config-profile-<PROFILE-NAME>)#crypto map <CRYPTO-MAP-TAG> <1-1000>

ipsec-isakmp {dynamic}

rfs4000-229D58(config-device-00-23-68-22-9D-58)#crypto map test 2 ipsec-isakmp

dynamic

rfs4000-229D58(config-device-00-23-68-22-9D-58-cryptomap-test#2)#?

Dynamic Crypto Map Configuration commands:

local-endpoint-ip Use this IP as local tunnel endpoint address, instead

of the interface IP (Advanced Configuration)

modeconfig Set the mode config method

no Negate a command or set its defaults

peer Add a remote peer

pfs Specify Perfect Forward Secrecy

remote-type Set the remote VPN client type

security-association Security association parameters

transform-set Specify IPSec transform to use

use Set setting to use

clrscr Clears the display screen

commit Commit all changes made in this session

do Run commands from Exec mode

end End current mode and change to EXEC mode

exit End current mode and down to previous mode

help Description of the interactive help system

revert Revert changes

service Service Commands

show Show running system information

write Write running configuration to memory or terminal

rfs4000-229D58(config-device-00-23-68-22-9D-58-cryptomap-test#2)#

The following table lists the IPSec-Auto-VPN/Remote-VPN tunnel configuration commands:

Command

Description

Reference

ip

Enables this setting to utilize IP/Port NAT on the VPN tunnel. This command is applicable only
to the site-to-site VPN tunnel.

page 611

local-endpoint-ip

Uses the configured IP as local tunnel endpoint address, instead of the interface IP. This
command is applicable to the site-to-site VPN tunnel and remote VPN client.

page 611

modeconfig

Configures the mode config method (pull or push) associated with the remote VPN client. This
command is applicable only to the remote VPN client.

page 612

peer

Configures the IKEv1 or IKEv2 peer for the VPN tunnel. This command is applicable to the
site-to-site VPN tunnel and remote VPN client.

page 613

pfs

Configures the Perfect Forward Secrecy (PFS) for the VPN tunnel. This command is applicable
to the site-to-site VPN tunnel and remote VPN client.

page 614

Advertising
Popular Brands
Popular manuals