ip4_address_t ip4;
ip4_address_t end_addr;
u32 responder_sw_if_index = (u32) ~ 0;
+ u32 tun_sw_if_index = (u32) ~ 0;
ip4_address_t responder_ip4;
ikev2_transform_encr_type_t crypto_alg;
ikev2_transform_integ_type_t integ_alg;
responder_ip4);
goto done;
}
+ else if (unformat (line_input, "set %U tunnel %U",
+ unformat_token, valid_chars, &name,
+ unformat_vnet_sw_interface, vnm, &tun_sw_if_index))
+ {
+ r = ikev2_set_profile_tunnel_interface (vm, name, tun_sw_if_index);
+ goto done;
+ }
else
if (unformat
(line_input,
ikev2_set_profile_sa_lifetime (vm, name, tmp4, tmp1, tmp2, tmp5);
goto done;
}
+ else if (unformat (line_input, "set %U udp-encap",
+ unformat_token, valid_chars, &name))
+ {
+ r = ikev2_set_profile_udp_encap (vm, name);
+ goto done;
+ }
else
break;
}
"ikev2 profile set <id> auth [rsa-sig|shared-key-mic] [cert-file|string|hex]"
" <data>\n"
"ikev2 profile set <id> id <local|remote> <type> <data>\n"
+ "ikev2 profile set <id> tunnel <interface>\n"
+ "ikev2 profile set <id> udp-encap\n"
"ikev2 profile set <id> traffic-selector <local|remote> ip-range "
"<start-addr> - <end-addr> port-range <start-port> - <end-port> "
"protocol <protocol-number>\n"
format_ip4_address, &p->rem_ts.end_addr,
p->rem_ts.start_port, p->rem_ts.end_port,
p->rem_ts.protocol_id);
+ if (~0 != p->tun_itf)
+ vlib_cli_output(vm, " protected tunnel %U",
+ format_vnet_sw_if_index_name, vnet_get_main(), p->tun_itf);
+ if (p->udp_encap)
+ vlib_cli_output(vm, " udp-encap");
}));
/* *INDENT-ON* */