Section 35.3.3, Section 35.3.4 – Westermo RedFox Series User Manual

Westermo OS Management Guide

Version 4.17.0-0

Usage Enable or disable NAT-T for all IPsec tunnels. NAT Traversal can cause

inter-operability problems with some IPsec clients, so the default setting is
disabled.

However, when NAT-T is enabled it only kicks in when the server and client
detects they are being NAT’ed. So in most cases it is a safe option to set.

Use ”ipsec-nat-traversal” to enable and ”no ipsec-nat-traversal” to
disable NAT traversal.

Use ”show ipsec-nat-traversal” to show whether IPsec NAT traversal is
enabled or disabled.

Default values Disabled (”no ipsec-nat-traversal”)

35.3.3

Configure IP tunnel MTU

Syntax [no] ipsec-mtu-override

Context

Tunnel Configuration

context

Usage Override default MTU for all IPsec tunnels.

Use ”ipsec-mtu-override ” to specify a specific MTU value to use
for all IPsec tunnels. Use ”no ipsec-mtu-override” to return to the default
setting.

Use ”show ipsec-mtu-override” to show the configured IPsec MTU value.

Default values 1419 (bytes)

35.3.4

Managing IPsec VPN Tunnels

Syntax [no] ipsec

where INDEX is a number greater or equal to 0.

Context

Tunnel Configuration

context

Usage Create, delete, or modify an IPsec VPN tunnel. Use ”ipsec ”

to create a new IPsec tunnel, or to enter the configuration context of an
existing IPsec tunnel. (To find the index of configured tunnels, use ”show
tunnel” as described in

section 35.3.1

,)

Use ”no ipsec ” to remove a specific IPsec VPN tunnel, or ”no
ipsec” to remove all configured IPsec VPN tunnels.

➞ 2015 Westermo Teleindustri AB

821