83
Remote authentication methods: pre-share
Keychain: Keychain1
Sign certificate domain:
Domain1
abc
Verify certificate domain:
Domain2
yy
SA duration: 500 seconds
DPD: Interval 32 secs, retry-interval 23 secs, periodic
Config exchange: request, set accept, set send
NAT keepalive: 10 seconds
AAA authorization: Domain domain1, username ikev2
Table 5 Command output
IKEv2 profile Name of the IKEv2 profile.
Priority Priority of the IKEv2 profile.
Match criteria Criteria for looking up the IKEv2 profile.
Inside vrf Inside VPN instance.
Local identity ID of the local end.
Local authentication method Method that the local end uses for authentication.
Remote authentication methods Methods that the remote end uses for authentication.
Keychain IKEv2 keychain that the IKEv2 profile uses.
Sign certificate domain PKI domain used for signature generation.
Verify certificate domain PKI domain used for verifying the remote end's certificate.
SA duration Lifetime of the IKEv2 SA.
DPD
DPD settings:
• Detection interval in seconds.
• Retry interval in seconds.
• Detection mode, on demand or periodically.
If DPD is disabled, this field displays
.
Config exchange
Configuration exchange settings:
• request—The local end sends request messages
carrying the configuration request payload during the
IKE_AUTH exchange.
• set accept—The local end accepts the configuration set
payload carried in Info messages.
• set send—The local end sends Info messages carrying
the configuration set payload.
NAT keepalive NAT keepalive interval in seconds.
AAA authorization
AAA authorization settings:
• ISP domain name.
• Username.
To Next Page
Loading...
