Segmentation CLI Reference
CLI commands for configuring and monitoring segmentation (VPNs).
Segmentation Configuration Commands
Use the following commands to configure segmentation on a vEdge router.
vpn vpn-id bandwidth-downstream kbps (on vEdge routers and vManage NMSs only) bandwidth-upstream kbps (on vEdge routers and vManage NMSs only) dns ip-address [primary | secondary] ecmp-hash-key level4 (on vEdge routers only) host hostname ip ip-address interface interface-name access-list acl-list (in | out) on vEdge routers only) arp ip ip-address mac mac-address arp-timeout seconds (on vEdge routers only) autonegotiate (on vEdge routers only) clear-dont-fragment description text dhcp-helper ip-address (on vEdge routers only) dhcp-server (on vEdge routers only) address-pool prefix/length admin-state (down | up) exclude ip-address lease-time seconds max-leases number offer-time seconds options default-gateway ip-address dns-servers ip-address domain-name domain-name interface-mtu mtu tftp-servers ip-address static-lease mac-address ip ip-address host-name hostname duplex (full | half) flow-control (bidirectional | egress | ingress) (ip address address/subnet | ip dhcp-client [dhcp-distance number]) keepalive seconds retries (on vEdge routers only) mac-address mac-address mtu bytes nat (on vEdge routers only) block-icmp-error port-forward port-start port-number1 port-end port-number2 proto (tcp | udp) private-ip-address ip-address private-vpn vpn-id refresh (bi-directional | outbound) respond-to-ping tcp-timeout minutes udp-timeout minutes pmtu policer policer-name (on vEdge routers only) ppp (on vEdge routers only) ac-name name authentication (chap | pap) hostname hostname password password pppoe-client (on vEdge routers only) ppp-interface interface-name profile profile-id (on vEdge routers only) qos-map name (on vEdge routers only) rewrite-rule name (on vEdge routers only) shaping-rate name (on vEdge routers only) shutdown speed speed static-ingress-qos number (on vEdge routers only) tcp-mss-adjust bytes tunnel-interface allow-service service-name bind interface-name (on vEdge routers only) carrier carrier-name color color [restrict] connections-limit number encapsulation (gre | ipsec) (on vEdge routers only) preference number weight number hello-interval milliseconds hello-tolerance seconds hold-time milliseconds (on vEdge routers only) last-resort-circuit (on vEdge routers only) max-control-connections number nat-refresh-interval seconds tunnel-destination ip-address (on vEdge routers only) tunnel-source ip-address (on vEdge routers only) vrrp group-name (on vEdge routers only) priority number timer seconds track-omp ! end vpn interface ip route ip-address/subnet next-hop-address name text router (on vEdge routers only) bgp ... igmp ... multicast-replicator local threshold number ospf ... pim ... service service-name address ip-address (on vEdge routers only)
Segmentation Monitoring Commands
Use the following commands to monitor segmentation:
show bgp commands
show interface commands
show ospf commands
Additional Information
Segmentation (VPN) Overview
Segmentation (VPN) Configuration Examples
Service Chaining