Skip to main content
Cisco SD-WAN
Support
Product Documentation
Viptela Documentation

block-non-source-ip

vpn interface block-non-source-ip—Do not allow an interface to forward traffic if the source IP address of the traffic does not match the inteface's IP prefix range (on vEdge routers only).

vManage Feature Template

For vEdge routers only:

Configuration ► Templates ► VPN Interface Bridge
Configuration ► Templates ► VPN Interface Cellular (for vEdge cellular wireless routers only)
Configuration ► Templates ► VPN Interface Ethernet
Configuration ► Templates ► VPN Interface PPP

Command Hierarchy

vpn vpn-id  
  interface interface-name   
    block-non-source-ip

Options

None

Operational Commands

show interface
show ip routes

Example

Have the router block traffic being sent out the transport interface (in VPN 0) and out one service-side interface (in VPN 1) when the traffic's source IP address does not match the IP address configured on the interface:

vpn 0
  interface ge0/0
    block-non-source-ip
    ...
vpn 1
  interface ge1/0
    block-non-source-ip
    ...
   

Release Information

Command introduced in Viptela Software Release 17.1.1.​

Additional Information

See the Segmentation CLI Reference article for your software release.

  • Was this article helpful?