79
Usage guidelines
The configuration exchange feature enables the local and remote ends to exchange configuration
data, such as gateway address, internal IP address, and route. The exchange includes data request
and response, and data push and response. The enterprise center can push IP addresses to
branches. The branches can request IP addresses, but the requested IP addresses cannot be used.
You can specify both request and set for the device.
If you specify request for the local end, the remote end will respond if it can obtain the requested
data through AAA authorization.
If you specify set send for the local end, you must specify set accept for the remote end.
The device with set send specified pushes an IP address after the IKEv2 SA is set up if it does not
receive any configuration request from the peer.
Examples
# Create an IKEv2 profile named profile1.
<Sysname> system-view
[Sysname] ikev2 profile profile1
# Enable the local end to add the configuration request payload to the request message of
IKE_AUTH exchange.
[Sysname-ikev2-profile-profile1] config-exchange request
Related commands
aaa authorization
configuration policy
display ikev2 profile
New command: description
Use description to configure a description for an IKE proposal.
Use undo description to restore the default.
Syntax
description text
undo description
Default
An IKE proposal does not have a description.
Views
IKE proposal view
Predefined user roles
network-admin