Security CLI Reference


Note


To achieve simplification and consistency, the Cisco SD-WAN solution has been rebranded as Cisco Catalyst SD-WAN. In addition, from Cisco IOS XE SD-WAN Release 17.12.1a and Cisco Catalyst SD-WAN Release 20.12.1, the following component changes are applicable: Cisco vManage to Cisco Catalyst SD-WAN Manager, Cisco vAnalytics to Cisco Catalyst SD-WAN Analytics, Cisco vBond to Cisco Catalyst SD-WAN Validator, and Cisco vSmart to Cisco Catalyst SD-WAN Controller. See the latest Release Notes for a comprehensive list of all the component brand name changes. While we transition to the new names, some inconsistencies might be present in the documentation set because of a phased approach to the user interface updates of the software product.


CLI commands for configuring and monitoring security.

Security Configuration Commands

Use the following commands to configure security parameters. The `security` hierarchy sets the fabric-wide control-plane protocol and the IPsec parameters used on SD-WAN data-plane tunnels; the `vpn vpn-id interface ipsecnumber` hierarchy configures an IKE-keyed IPsec tunnel interface to a non-SD-WAN peer:

 security
   control
     protocol (dtls | tls)
     tls-port number
   ipsec
     authentication-type type
     rekey seconds
     replay-window number

 vpn vpn-id
   interface ipsecnumber
     access-list acl-name
     block-non-source-ip
     clear-dont-fragment
     dead-peer-detection interval seconds retries number
     description text
     ike
       authentication-type type
         local-id id
         pre-shared-secret password
         remote-id id
       cipher-suite suite
       group number
       mode mode
       rekey seconds
       version number
     ip address ipv4-prefix/length
     ipsec
       cipher-suite suite
       perfect-forward-secrecy pfs-setting
       rekey seconds
       replay-window number
     mtu bytes
     policer policer-name
     rewrite-rule rule-name
     [no] shutdown
     tcp-mss-adjust bytes
     tunnel-destination (dns-name | ipv4-address)
     (tunnel-source ip-address | tunnel-source-interface interface-name)
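The following configuration is an added worked example for this reference, not taken from the original page or from Cisco's documentation. It applies the commands above to bring up an IKEv2 IPsec tunnel to a third-party peer, with annotation lines (prefixed with `!`) marking the settings a security reviewer would check and the weaker alternatives to avoid. The VPN number, interface names, addresses (RFC 5737 documentation ranges), identities and the pre-shared secret are placeholders; the numeric timers and window sizes are illustrative choices rather than platform defaults; and the keyword values are those accepted on the vEdge releases the example assumes, so confirm the exact keyword set with the CLI's `?` help on the release in use.

```text
! Fabric-wide security settings (control plane and SD-WAN data plane).
! Keep DTLS or TLS for control connections; never leave the data plane
! with "authentication-type none", which removes integrity protection
! from every SD-WAN tunnel.
security
 control
  protocol dtls
 !
 ipsec
  authentication-type ah-sha1-hmac
  rekey 86400
  replay-window 512
 !
!
! Manually keyed IPsec tunnel to a non-SD-WAN peer, carried in VPN 0.
vpn 0
 interface ipsec1
  ip address 10.10.10.1/30
  tunnel-source-interface ge0/0
  tunnel-destination 198.51.100.10
  ike
   ! Prefer IKEv2. IKEv1 with "mode aggressive" sends the peer identity
   ! in cleartext and exposes the pre-shared key to offline guessing.
   version 2
   rekey 14400
   cipher-suite aes256-cbc-sha2
   ! Diffie-Hellman group 16 (4096-bit MODP); avoid group 2.
   group 16
   authentication-type
    pre-shared-key
     ! Placeholder: use a long, randomly generated secret, unique per peer.
     pre-shared-secret "REPLACE-WITH-A-LONG-RANDOM-SECRET"
     local-id 192.0.2.1
     remote-id 198.51.100.10
    !
   !
  !
  ipsec
   ! AEAD cipher for confidentiality and integrity; "null-sha1" gives
   ! integrity only and sends payloads in cleartext.
   cipher-suite aes256-gcm
   ! PFS means a compromised IKE SA key does not expose child SA keys;
   ! "perfect-forward-secrecy none" gives that protection up.
   perfect-forward-secrecy group-16
   rekey 3600
   replay-window 512
  !
  ! Tear the tunnel down when the peer stops answering.
  dead-peer-detection interval 10 retries 3
  mtu 1400
  tcp-mss-adjust 1360
  clear-dont-fragment
  ! Drop packets whose source address is not the tunnel's own prefix.
  block-non-source-ip
  no shutdown
 !
!
```

After committing, `show security-info` confirms the data-plane authentication type, rekey interval and replay window in effect, and `show control connections` confirms that control connections are established over the configured protocol.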

Security Monitoring Commands

  • show control connections: displays the control connections to the SD-WAN Manager, Validator and Controller, including the protocol (DTLS or TLS), local and remote addresses and connection state, which is the first check when a control-plane protocol or port change is made.

  • show security-info: displays the IPsec security parameters in effect for data-plane tunnels, including the authentication type, rekey interval and replay window.