Section 35.3.3, Section 35.3.4 – Westermo RedFox Series User Manual
Page 821
Westermo OS Management Guide
Version 4.17.0-0
Usage Enable or disable NAT-T for all IPsec tunnels. NAT Traversal can cause
inter-operability problems with some IPsec clients, so the default setting is
disabled.
However, when NAT-T is enabled it only kicks in when the server and client
detects they are being NAT’ed. So in most cases it is a safe option to set.
Use ”ipsec-nat-traversal” to enable and ”no ipsec-nat-traversal” to
disable NAT traversal.
Use ”show ipsec-nat-traversal” to show whether IPsec NAT traversal is
enabled or disabled.
Default values Disabled (”no ipsec-nat-traversal”)
35.3.3
Configure IP tunnel MTU
Syntax [no] ipsec-mtu-override <BYTES>
Context
context
Usage Override default MTU for all IPsec tunnels.
Use ”ipsec-mtu-override <BYTES>” to specify a specific MTU value to use
for all IPsec tunnels. Use ”no ipsec-mtu-override” to return to the default
setting.
Use ”show ipsec-mtu-override” to show the configured IPsec MTU value.
Default values 1419 (bytes)
35.3.4
Managing IPsec VPN Tunnels
Syntax [no] ipsec <INDEX>
where INDEX is a number greater or equal to 0.
Context
context
Usage Create, delete, or modify an IPsec VPN tunnel. Use ”ipsec <INDEX>”
to create a new IPsec tunnel, or to enter the configuration context of an
existing IPsec tunnel. (To find the index of configured tunnels, use ”show
tunnel” as described in
Use ”no ipsec <INDEX>” to remove a specific IPsec VPN tunnel, or ”no
ipsec” to remove all configured IPsec VPN tunnels.
➞ 2015 Westermo Teleindustri AB
821