set global

Configures the global parameters on the Fabric IPsec Gateway Virtual Machine.

Syntax

set global fe-tunnel-gw-ip {A.B.C.D}
set global fe-tunnel-src-ip {A.B.C.D}
set global ipsec-disable
set global ipsec-log-level <-1-5>
set global ipsec-tunnel-src-ip {A.B.C.D/X}
set global ipsec-tunnel-src-vlan <2-4059>
set global lan-intf-gw-ip {A.B.C.D}
set global lan-intf-ip {A.B.C.D/X}
set global lan-intf-vlan <2-4059>
set global mtu <750-9000>
set global services sshd <disable | enable>
set global virtual-reassembly-intf-ip {A.B.C.D/X}
set global virtual-reassembly-intf-vlan <2-4059>
set global wan-intf-gw-ip {A.B.C.D}

Command Parameters

fe-tunnel-gw-ip {A.B.C.D}: Specifies the gateway IP address for Fabric Extend (FE) tunnel.
fe-tunnel-src-ip {A.B.C.D}: Specifies the source IP address for FE tunnel.
ipsec-disable: Disables IPsec globally on the Fabric IPsec Gateway VM.
ipsec-tunnel-src-ip {A.B.C.D/X}: Specifies the source IP address and subnet mask for IPsec tunnel.
ipsec-tunnel-src-vlan <2-4059>: Specifies the VLAN ID in the range of 2 to 4059. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1. By default, the system reserves VLAN IDs 4060 to 4094 for internal use. On switches that support the vrf-scaling and spbm-config-mode boot configuration flags, if you enable these flags, the system also reserves VLAN IDs 3500 to 3998.
lan-intf-gw-ip {A.B.C.D}: Specifies the gateway IP address for LAN interface.
lan-intf-ip {A.B.C.D/X}: Specifies the IP address and subnet mask for Local Area Network (LAN) interface.
lan-intf-vlan <2-4059>: Specifies the VLAN ID in the range of 2 to 4059. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1. By default, the system reserves VLAN IDs 4060 to 4094 for internal use. On switches that support the vrf-scaling and spbm-config-mode boot configuration flags, if you enable these flags, the system also reserves VLAN IDs 3500 to 3998.
mtu <750-9000>: Specifies the Maximum Transmission Unit (MTU) value.

Note

If an IPsec tunnel is not using the fragmentation and reassembly capabilities, the default MTU value is 1950.
services sshd <disable | enable>: Enables or disables SSH access for Fabric IPsec Gateway. By default, SSH access is disabled.
virtual-reassembly-intf-ip {A.B.C.D/X}: Specifies the virtual-reassembly interface IP address and subnet mask on the Fabric IPsec Gateway VM.

Note

You must configure the virtual reassembly interface IP address to use the fragmentation and reassembly service.
virtual-reassembly-intf-vlan <2-4059>: Specifies the VLAN ID in the range of 2 to 4059. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1. By default, the system reserves VLAN IDs 4060 to 4094 for internal use. On switches that support the vrf-scaling and spbm-config-mode boot configuration flags, if you enable these flags, the system also reserves VLAN IDs 3500 to 3998.
wan-intf-gw-ip {A.B.C.D/X}: Specifies the gateway IP address and subnet mask for Wide Area Network (WAN) interface.

Default

None.

Command Mode

Fabric IPsec Gateway Configuration

Usage Guidelines

This command does not apply to all hardware platforms. For more information about feature support, see VOSS Feature Support Matrix.