Updating an existing IPSec connection
Use the ipsec_connection_update command to update an existing IPSec connection.
ipsec_connection_update ipsec_connection=ConnectionName [ left=IPInterfaceName ]
[ right_ip=RightIpAddress ] [ passkey=PassKey | certificate=PemCertificate ]
Parameters
| Name | Type | Description | Mandatory | Default |
|---|---|---|---|---|
| ipsec_connection | Object name | The name of the IPSec connection to be updated. | Y | N/A |
| left | Object name | The name of the IP interface to be used as left side: management or
VPN. |
N | None |
| right_ip | N/A | The IP address of the right side. | N | None |
| passkey | N/A | Pre-shared key. | N | None |
| certificate | N/A | The content of a .pem file, with asterisks (*) instead of
newlines. In Windows, drag-and-drop the .pem file from the Windows Explorer to the
appropriate location in the XCLI session window; the content will be added automatically. |
N | None |
This command updates an existing IPSec connection between an IP interface and the right side.
IP interface can be either
management or VPN. If specified:- the address of the right side is IPv4 or IPv6; otherwise the right side can be any
- the pre-shared key must be shared between the left and the right sides
- the certificate must contain a public key of the right side.
Example:
ipsec_connection_update ipsec_connection=MySec passkey="MyNewPass!@#"Access control
| User Category | Permission |
|---|---|
| Storage administrator | Allowed |
| Storage integration administrator | Disallowed |
| Application administrator | Disallowed |
| Security administrator | Disallowed |
| Read-only users | Disallowed |
| Technicians | Allowed |
Return codes
-
IPSEC_CONNECTION_DOES_NOT_EXIST
The specified IPSec connection does not exist
-
IPSEC_CONNECTION_EXISTS
The IPSec connection already exists
-
LEFT_INTERFACE_NOT_FOUND
The specified left side interface was not found
-
IPSEC_UNSUPPORTED_FOR_ISCSI
IPSec is unsupported for iSCSI ports
-
SSL_CERTIFICATE_CHAIN_EMPTY
No certificates found in input.
-
SSL_CERTIFICATE_HAS_EXPIRED
SSL certificate has expired.
-
SSL_CERTIFICATE_INVALID_FORMAT
SSL certificate format is invalid or corrupted.
-
SSL_CERTIFICATE_ISSUER_NOT_FOUND
SSL certificate issuer not found in certificate chain.
-
SSL_CERTIFICATE_NOT_YET_VALID
SSL certificate is not yet valid.
-
SSL_CERTIFICATE_VERIFICATION_FAILED
SSL certificate chain verification failed.
-
SSL_CERTIFICATE_VERIFICATION_INTERNAL_ERROR
SSL certificate verification has failed because of internal system error.