Concept Guide

314| crypto-local ipsec-map Dell Networking W-Series ArubaOS 6.5.x| Reference Guide
| Parameter | Description | Range | Default |
|---|---|---|---|
| ip access-group <access-group> in | Attach a route access control list (ACL) to the IPsec map for a site-to-site VPN. When you associate a routing ACL to inbound traffic on a controller terminating a site-to-site VPN, that ACL can forward traffic as normal, route traffic to a nexthop router on a nexthop list, or redirect traffic over an L3 GRE tunnel or tunnel group. For more information on creating a routing ACL, see ip access-list route. | | |
| ip-compression disable\|enable | Enable compression for traffic in an IKEv2 site-to-site tunnel between a master and local W-7000 Series controller. Compression is disabled by default. | | |
| no | Negates a configured parameter. | | |
| local-fqdn <local_id_fqdn> | If the local controller has a dynamic IP address, you must specify the fully qualified domain name (FQDN) of the controller to configure it as an initiator of IKE aggressive-mode. | | |
| peer-cert-dn <peer-dn> | If you are using IKEv2 to establish a site-to-site VPN to a statically addressed remote peer, identify the peer device by entering its certificate subject name in the Peer Certificate Subject Name field. | | |
| peer-ip <ipaddr> | If you are using IKEv1 to establish a site-to-site VPN to a statically addressed remote peer, identify the peer device by entering the IP address of the peer gateway. NOTE: If you are configuring an IPsec map for a static-ip controller with a dynamically addressed remote peer, you must leave the peer gateway set to its default value of 0.0.0.0. | | |
| peer-fqdn | For site-to-site VPNs with dynamically addressed peers, specify a fully qualified domain name (FQDN) for the controller. | any-fqdn, fqdn-id | any-fqdn |
| any-fqdn | If the controller is defined as a dynamically addressed responder, you can select any-fqdn to make the controller a responder for all VPN peers. | | |
| fqdn-id <peer-id-fqdn> | Specify the FQDN of a peer to make the controller a responder for one specific initiator only. | | |
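
The peer-identity rows above (peer-ip, peer-fqdn, any-fqdn, fqdn-id) lend themselves to a configuration audit. The following Python script is an added example, not taken from the reference guide: it parses crypto-local ipsec-map stanzas and reports maps with a dynamically addressed peer (peer-ip 0.0.0.0) that respond to all VPN peers through any-fqdn, whether set explicitly or left at the default. The sample configuration, including map names, priorities, addresses and FQDNs, is constructed for illustration.

```python
import ipaddress

# Constructed sample config; map names, priorities, FQDNs and addresses are made up.
SAMPLE = """\
crypto-local ipsec-map branch-a 100
  peer-ip 0.0.0.0
  peer-fqdn any-fqdn
crypto-local ipsec-map branch-b 110
  peer-ip 0.0.0.0
  peer-fqdn fqdn-id branch-b.example.net
crypto-local ipsec-map branch-c 120
  peer-ip 0.0.0.0
crypto-local ipsec-map hq 130
  peer-ip 192.0.2.10
"""

def parse_maps(text):
    """Return {map_name: {keyword: [args]}} for each ipsec-map stanza."""
    maps, current = {}, None
    for raw in text.splitlines():
        words = raw.split()
        if not words:
            continue
        if words[:2] == ["crypto-local", "ipsec-map"] and len(words) >= 3:
            current = maps.setdefault(words[2], {})
        elif current is not None and raw[0].isspace():
            current[words[0]] = words[1:]   # indented line inside a stanza
        else:
            current = None                  # unrelated top-level command
    return maps

def audit(text):
    """Return sorted (map_name, finding) pairs for peer-identity settings."""
    findings = []
    for name, params in parse_maps(text).items():
        # peer-ip defaults to 0.0.0.0 (dynamically addressed remote peer)
        peer_ip = ipaddress.ip_address((params.get("peer-ip") or ["0.0.0.0"])[0])
        if not peer_ip.is_unspecified:
            continue  # statically addressed peer, identified by address
        # peer-fqdn defaults to any-fqdn per the table's Default column
        fqdn = params.get("peer-fqdn") or ["any-fqdn"]
        if fqdn[0] == "any-fqdn":
            findings.append((name, "responder for all VPN peers (any-fqdn)"))
        elif fqdn[0] == "fqdn-id" and len(fqdn) < 2:
            findings.append((name, "fqdn-id given without a peer FQDN"))
    return sorted(findings)

if __name__ == "__main__":
    for name, finding in audit(SAMPLE):
        print(f"{name}: {finding}")
```

Maps reported with any-fqdn are candidates for pinning to a single initiator with fqdn-id <peer-id-fqdn>.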