Restrictions
-
Secure overlay is supported on:
-
IPSec IKEv2
-
IPv4
-
Pre-shared-key authentication
-
IKE cipher: aes128-sha1-mopd1536
-
ESP cipher: aes128-sha1
-
Local-system-ip unique to each NFVIS device
-
Local-bridge: Wan-br and Wan2-br
-
-
When the guest VM is deployed and single-ip-mode is configured:
-
The configuration requests can be sent in one NETCONF commit.
-
If the configuration requests are sent separately, then commit single-ip-mode creation request first. NFVIS releases the WAN IP address only after the guest device is deployed.
-
If you commit the guest device deployement configuration first, commit the single-ip-mode configuration request before the guest device is active. The guest VM will have conflicting IP address if the commit is delayed.
-
-
When the guest device and single-ip-mode configurations need to be deleted:
-
The two deletion requests can be sent in one NETCONF commit.
-
If the two deletion requests are sent separately,commit the guest device deletion first.
-