setvpn
The setvpn command starts or ends an outbound virtual private network connection (VPN).
Note: VPN is no longer supported as a remote support connectivity option
for call home and remote access functions. As a result, starting with DS8000® Release 8, the
setvpn command is no longer supported.
During the installation, the hardware management console (HMC) sends a certificate (signed public key) for server authentication and for SSL encryption of applications using VPN (Internet and modem) connections.
You can use the setvpn command to start or stop the session and to create a secure connection. In addition, the VPN server does additional authentication to allow traffic to certain servers only, for the call home feature and remote service.
Notes:
- Only technical support personnel with special access rights can use the VPN connection.
- The setvpn command is used when remote access is required by technical support personnel and there is no local on-site access to the machine.
- It can take from 2 to 10 minutes for the secure connection to be established and recognized by the RS3/RS4 server.
- The secure connection ends automatically when the terminal emulation session ends. However, you also have the ability to end the session earlier by issuing the setvpn -action disconnect command.
- The -vpnaddr parameter requires that you specify a value for either smc1 or smc2. If you do not specify the -vpnaddr parameter, the storage management console (SMC) for the current connection is used. The SMC address is taken from the profile file or the SMC address that you specify on the DS CLI command line.
Parameters
- -vpnaddr smc1 | smc2
- (Optional) The VPN server machine. In addition, you can specify where you want the outbound VPN
to start from by designating the following values:
- smc1
- The management console (SMC) where you want the outbound VPN to start from. The console that you have specified in your profile for hmc1 starts your DS CLI session, unless you specify a console that is not designated in your profile. In this case, the console that you specify to start your session is the one where the connection is made.
- smc2
- The management console where you want the outbound VPN to start from. The console that you have specified in your profile for hmc2 starts your DS CLI session, unless you specify a console that is not designated in your profile. In this case, the console that you specify to start your session is the one where the connection is made.
- -action connect | disconnect
- (Required) The secure VPN connection be started or disconnected.
Example: Starting or ending an outbound virtual private network connection (VPN)
dscli> setvpn –vpnaddr smc1 –action connect
Output
Sun July 10 02:23:49 PST 2016 DS CLI Version: 5.0.0.0 DS: IBM.2107-75FA120
Secure connection started.