Delete IPsec Tunnel Configuration on Fabric IPsec Gateway VM

Before you begin

You must disable the IPsec administrative state on the tunnel before you can remove IPsec configuration.

About this task

Perform this procedure to delete the configuration of a specific IPsec tunnel on Fabric IPsec Gateway Virtual Machine (VM).

Procedure

  1. Enter Fabric IPsec Gateway Configuration mode:

    enable

    virtual-service WORD<1-128> console

    Note

    Note

    Type CTRL+Y to exit the console.

  2. Delete the configuration of a specific tunnel:

    delete ipsec <1-255> <admin-state enable | auth-key | encryption-key-length | fe-tunnel-dest-ip | fragment-before-encrypt enable | ipsec-dest-ip | mtu | responder-only | tunnel-name | egress-shaping-rate>

Example

Delete configuration on IPsec tunnel ID 2:

Switch:1> enable
Switch:1# virtual-service figw console
Connected to domain figw
Escape character is ^Y

  <cr>
FIGW>delete ipsec 2 admin-state enable
FIGW>delete ipsec 2 auth-key
FIGW>delete ipsec 2 tunnel-name
FIGW>delete ipsec 2 fragment-before-encrypt enable

Variable Definitions

The following table defines parameters for the delete ipsec command.

Variable Value
<1-255>

Specifies the unique ID of the configured IPsec tunnel.

admin-state enable

Disables the IPsec status on the specific IPsec tunnel.

auth-key

Deletes the authentication key that you configure on the specific IPsec tunnel.

encryption-key-length

Resets the encryption key length for the specific IPsec tunnel to its default value, that is 128 bit.

fe-tunnel-dest-ip

Deletes the destination IP address that you configure on the Fabric Extend (FE) tunnel.

fragment-before-encrypt enable

Disables the fragmentation of packets before IPsec encryption on the tunnel. By default, fragmentation before encryption is disabled.

ipsec-dest-ip

Deletes the destination IP address that you configure on the IPsec tunnel.

mtu

Resets the Maximum Transmission Unit (MTU) value for the specific IPsec tunnel to the MTU value configured globally.

responder-only

Deletes the mode that you configure for the IPsec session in FE tunnel.

tunnel-name

Deletes the name that you configure for the IPsec tunnel.

egress-shaping-rate

Deletes the egress shaping rate for the IPsec tunnel.