Using the help command – Dell POWEREDGE M1000E User Manual

Fabric OS Command Reference

447

53-1001764-02

ipSecConfig

2

To display all IPSec transforms:

switch:admin>

ipsecconfig --show policy ips transform -a

policy-A-B action:auto_ipsec mode:transport

local:10.33.69.132 remote:10.33.74.13

sa-proposal:ipsec-esp-a-b

ike-policy:remote-B

To display all IPSec traffic selectors:

switch:admin>

ipsecconfig --show policy ips selector -a

slt-A-B-any local:10.33.69.132 remote:10.33.74.13

direction:outbound upper-layer-protocol:any

transform-used:policy-A-B

slt-B-A-any local:10.33.74.13 remote:10.33.69.132

direction:inbound upper-layer-protocol:any

transform-used:policy-A-B

Using the help command
To use the --help command with arguments to display the syntax of specific types and subtypes:

switch:admin>

ipsecconfig --help add policy ips selector

Usage: ipsecConfig --add policy ips selector ARGUMENTS

ARGUMENTS

-tag <name> selector name

-direction <in|out> traffic flow direction

-local <addr> source IPv4 or IPv6 address

-remote <addr> peers IPv4 or IPv6 address

-transform <name> transform name

[-protocol <name>] protocol nam

switch:admin>

ipsecconfig

--

help modify policy ike

Usage: ipsecConfig --modify policy ike ARGUMENTS

ARGUMENTS

-tag <name> ike policy name

-remote <addr> peers ipaddress

-id <identifier> local identifier

-remoteid <identifier> peers identifier

-enc <ALGORITHM> encryption algorithm

-hash <ALGORITHM> hash algorithm

-prf <ALGORITHM> prf algorithm

-dh <number> dh group number

ENCRYPTION ALGORITHM

3des_cbc, aes128_cbc, aes256_cbc, null_enc

HASH ALGORITHM

hmac_md5, hmac_sha1, aes_xcbc

PRF ALGORITHM

hmac_md5, hmac_sha1, aes_xcbc

DH-GROUP

modp768(1), modp1024(2), modp2048(14), modp8192(18)