Skip to main content
Cisco SD-WAN
Product Documentation
Viptela Documentation

Segmentation CLI Reference

CLI commands for configuring and monitoring segmentation (VPNs).

Segmentation Configuration Commands

Use the following commands to configure segmentation on a vEdge router.

vpn vpn-id
  bandwidth-downstream kbps (on vEdge routers and vManage NMSs only)
  bandwidth-upstream kbps (on vEdge routers and vManage NMSs only)
    applications application-names
    local-interface-list interface-names
    node-type type
  dns ip-address [primary | secondary]
  ecmp-hash-key level4 (on vEdge routers only)
  ​host hostname ip ip-address  
  interface interface-name    
    access-list acl-list (in | out) on vEdge routers only)
      ip ip-address mac mac-address    
    arp-timeout seconds (on vEdge routers only)
    autonegotiate (on vEdge routers only)
    description text    
    dhcp-helper ip-address (on vEdge routers only)
    dhcp-server (on vEdge routers only)
      address-pool prefix/length
      admin-state (down | up)
      exclude ip-address
      lease-time seconds
      max-leases number
      offer-time seconds
        default-gateway ip-address
        dns-servers ip-address
        domain-name domain-name
        interface-mtu mtu
        tftp-servers ip-address
      static-lease mac-address ip ip-address host-name hostnameduplex (full | half)
    flow-control (bidirectional | egress | ingress)
    (ip address ipv4-prefix/length | ip dhcp-client [dhcp-distance number])
    (ipv6 address ipv6-prefix/length | ipv6 dhcp-client [dhcp-distance number] [dhcp-rapid-commit])
    keepalive seconds retries (on vEdge routers only)
    mac-address mac-address    
    mtu bytes
    nat (on vEdge routers only)
      port-forward port-start port-number1 port-end port-number2
        proto (tcp | udp) private-ip-address ip-address private-vpn vpn-id
      refresh (bi-directional | outbound)
      tcp-timeout minutes
      udp-timeout minutes
    policer policer-name (on vEdge routers only)
    ppp (on vEdge routers only)
      ac-name name
      authentication (chap | pap) hostname hostname password password
    pppoe-client (on vEdge routers only)
      ppp-interface interface-name
    profile profile-id (on vEdge routers only)
    qos-map name (on vEdge routers only)
    rewrite-rule name (on vEdge routers only)
    shaping-rate name (on vEdge routers only)
    speed speed
    static-ingress-qos number (on vEdge routers only)
    tcp-mss-adjust bytes 
    technology technology (on vEdge routers only; in Releases 16.3.2 and later)
      allow-service service-name
      bind interface-name (on vEdge routers only)
      carrier carrier-name
color color [restrict]
      connections-limit number
      encapsulation (gre | ipsec) (on vEdge routers only)
        preference number
        weight number
      hello-interval milliseconds
      hello-tolerance seconds
      hold-time milliseconds (on vEdge routers only)
      last-resort-circuit (on vEdge routers only)
      max-control-connections number
      nat-refresh-interval seconds
    tunnel-destination ip-address (on vEdge routers only)
    tunnel-source ip-address (on vEdge routers only)
    vrrp group-name (on vEdge routers only)
       priority number
       timer seconds
    ! end vpn interface
  ip route ip-address/subnet next-hop-address
  name text  
  router (on vEdge routers only) 
    bgp ... 
    igmp ...
    multicast-replicator local
      threshold number 
    ospf ...
    pim ...
  service service-name address ip-address (on vEdge routers only)

Segmentation Monitoring Commands

Use the following commands to monitor segmentation:

show bgp commands
show interface commands
show ospf commands

  • Was this article helpful?