1. ACLI Reference Guide
  2. ACLI Configuration Elements A-M
  3. ipsec > security-policy > outbound-sa-fine-grained-mask

ipsec > security-policy > outbound-sa-fine-grained-mask

This configuration element allows you to configure a fine grained security policy.

Parameters

local-ip-mask
Enter the local IP address mask
  • Default: 255.255.255.255
remote-ip-mask
Enter the remote IP address mask.
  • Default: 255.255.255.255
local-port-mask
Enter the local port mask for this security policy.
  • Default: 0
  • Values: Min: 0 / Max: 65535
remote-port-mask
Enter the remote port mask for this security policy.
  • Default: 0
  • Values: Min: 0 / Max: 65535
trans-protocol-mask
Enter the transport protocol mask for this security policy
  • Default: 0
  • Values: Min: 0 | Max: 255
vlan-mask
Enter the VLAN ID mask
  • Default: 0x000
  • Values: 0x000 (disabled)-0xFFF

Path

outbound-sa-fine-grained-mask is a subelement under the ipsec>security-policy element. The full path from the topmost ACLI prompt is: configure-terminal > security > ipsec > security-policy > outbound-sa-fine-grained-mask.