Reference Guide (Supporting software release 5.5.0.0 and later) Owner manual
Brocade Mobility RFS Controller CLI Reference Guide 611
53-1003098-01
7
ip
crypto-map auto-vpn-tunnel/remote-vpn-client instance
Enables this setting to utilize IP/Port NAT on this auto site-to-site VPN tunnel. This setting is
disabled by default.
Supported in the following platforms:
• Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade
Mobility 1240 Access Point
• Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade
Mobility RFS7000
• Service Platforms — Brocade Mobility RFS9510
Syntax:
ip nat crypto
Parameters
ip nat crypto
Example
rfs4000-229D58(config-device-00-23-68-22-9D-58-cryptomap-test#1)#ip nat
crypto
rfs4000-229D58(config-device-00-23-68-22-9D-58-cryptomap-test#1)#show context
crypto map test 1 ipsec-isakmp
ip nat crypto
rfs4000-229D58(config-device-00-23-68-22-9D-58-cryptomap-test#1)#
local-endpoint-ip
crypto-map auto-vpn-tunnel/remote-vpn-client instance
Uses the configured IP as local tunnel endpoint address, instead of the interface IP
Supported in the following platforms:
remote-type Configures the remote VPN client type as either None or XAuth. This command is applicable
only to the remote VPN client.
page 615
security-association Defines this automatic VPN tunnel’s IPSec SA settings. This command is applicable to the
site-to-site VPN tunnel and remote VPN client.
page 616
transform-set Applies a transform set (encryption and hash algorithms) to the VPN tunnel. This command is
applicable to the site-to-site VPN tunnel and remote VPN client.
page 617
use Applies an existing and configured IP access list to the VPN tunnel. This command is
applicable to the site-to-site VPN tunnel and remote VPN client.
page 618
no Removes or reverts site-to-site VPN tunnel or remote VPN client settings page 619
Command Description Reference
ip nat crypto Enables this setting to utilize IP/Port NAT on the site-to-site VPN tunnel. This setting is disabled by default.