ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • security ipsec config modify

    Modify IPsec config

    Availability: This command is available to cluster administrators at the admin privilege level.

    Description

    This command modifies IPsec configuration parameters.

    Parameters

    [-is-enabled {true|false}] - Is IPsec Enabled

    This parameter enables and disables IPsec on the storage system.

    [-log-level <IPsec Log Level>] - IPsec Logging Level

    This parameter sets the IPsec logging level, where logging level 0 means no logging, and logging level 5 is most verbose. Default value is 2.

    [-replay-window {0|64|128|256|512|1024}] - IPsec Replay Window Size

    This parameter sets the IPsec replay window size. The possible values are 0, 64, 128, 256, 512 and 1024. Default value is 0.

    [-ready-to-downgrade {true|false}] - IPsec Ready To Downgrade

    This parameter is used when downgrade to a non-IPsec capable ONTAP. Set this parameter to true to cleanup IPsec configurations before such downgrade.

    Examples

    The following example enables IPsec:

    cluster-1::> security ipsec config modify -is-enabled true

    The following example sets the IPsec logging level to 4:

    cluster-1::> security ipsec config modify -log-level 4

    The following example sets the IPsec replay window size to 64:

    cluster-1::> security ipsec config modify -replay-window 64
    Top of Page