The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Note |
To achieve simplification and consistency, the Cisco SD-WAN solution has been rebranded as Cisco Catalyst SD-WAN. In addition, from Cisco IOS XE SD-WAN Release 17.12.1a and Cisco Catalyst SD-WAN Release 20.12.1, the following component changes are applicable: Cisco vManage to Cisco Catalyst SD-WAN Manager, Cisco vAnalytics to Cisco Catalyst SD-WAN Analytics, Cisco vBond to Cisco Catalyst SD-WAN Validator, and Cisco vSmart to Cisco Catalyst SD-WAN Controller. See the latest Release Notes for a comprehensive list of all the component brand name changes. While we transition to the new names, some inconsistencies might be present in the documentation set because of a phased approach to the user interface updates of the software product. |
CLI commands for configuring and monitoring security.
Use the following commands to configure security parameters:
security
control
protocol (dtls | tls)
tls-port number
ipsec
authentication-type type
rekey seconds
replay-window number
vpn vpn-id
interface ipsecnumber
access-list acl-name
block-non-source-ip
clear-dont-fragment
dead-peer-detection interval seconds retries number
description text
ike
authentication-type type
local-id id
pre-shared-secret password
remote-id id
cipher-suite suite
group number
mode mode
rekey seconds
version number
ip address ipv4-prefix/length
ipsec
cipher-suite suite
perfect-forward-secrecy pfs-setting
rekey seconds
replay-window number
mtu bytes
policer policer-name
rewrite-rule rule-name
[no] shutdown
tcp-mss-adjust bytes
tunnel-destination (dns-name | ipv4-address)
(tunnel-source ip-address | tunnel-source-interface interface-name)
show control connections
show security-info