set global

Configures the global parameters on the Fabric IPsec Gateway Virtual Machine.

Syntax

Command Parameters

fe-tunnel-gw-ip {A.B.C.D}

Specifies the gateway IP address for Fabric Extend (FE) tunnel.

fe-tunnel-src-ip {A.B.C.D}

Specifies the source IP address for FE tunnel.

ipsec-disable

Disables IPsec globally on the Fabric IPsec Gateway VM.

ipsec-tunnel-src-ip {A.B.C.D/X}

Specifies the source IP address and subnet mask for IPsec tunnel.

ipsec-tunnel-src-vlan <2-4059>

Specifies the VLAN ID in the range of 2 to 4059. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1. By default, the system reserves VLAN IDs 4060 to 4094 for internal use. On switches that support the vrf-scaling and spbm-config-mode boot configuration flags, if you enable these flags, the system also reserves VLAN IDs 3500 to 3998.

lan-intf-gw-ip {A.B.C.D}

Specifies the gateway IP address for LAN interface.

lan-intf-ip {A.B.C.D/X}

Specifies the IP address and subnet mask for Local Area Network (LAN) interface.

lan-intf-vlan <2-4059>

Specifies the VLAN ID in the range of 2 to 4059. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1. By default, the system reserves VLAN IDs 4060 to 4094 for internal use. On switches that support the vrf-scaling and spbm-config-mode boot configuration flags, if you enable these flags, the system also reserves VLAN IDs 3500 to 3998.

mtu <750-9000>

Specifies the Maximum Transmission Unit (MTU) value.

Note

Note

If an IPsec tunnel is not using the fragmentation and reassembly capabilities, the default MTU value is 1950.

services sshd <disable | enable>

Enables or disables SSH access for Fabric IPsec Gateway. By default, SSH access is disabled.

virtual-reassembly-intf-ip {A.B.C.D/X}

Specifies the virtual-reassembly interface IP address and subnet mask on the Fabric IPsec Gateway VM.

Note

Note

You must configure the virtual reassembly interface IP address to use the fragmentation and reassembly service.

virtual-reassembly-intf-vlan <2-4059>

Specifies the VLAN ID in the range of 2 to 4059. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1. By default, the system reserves VLAN IDs 4060 to 4094 for internal use. On switches that support the vrf-scaling and spbm-config-mode boot configuration flags, if you enable these flags, the system also reserves VLAN IDs 3500 to 3998.

wan-intf-gw-ip {A.B.C.D/X}

Specifies the gateway IP address and subnet mask for Wide Area Network (WAN) interface.

Default

None.

Command Mode

Fabric IPsec Gateway Configuration

Usage Guidelines

This command does not apply to all hardware platforms. For more information about feature support, see Fabric Engine and VOSS Feature Support Matrix.