96
Default
No local ID is specified. The IP address of the interface to which the IPsec policy is applied is used as
the local ID.
Views
IKEv2 profile view
Predefined user roles
network-admin
Parameters
address { ipv4-address | ipv6 ipv6-address }: Uses an IPv4 or IPv6 address as the local ID.
dn: Uses the DN in the local certificate as the local ID.
email email-string: Uses an email address as the local ID. The email-string argument is a
case-sensitive string of 1 to 255 characters in the format defined by RFC 822, such as
sec@abc.com.
fqdn fqdn-name: Uses an FQDN as the local ID. The fqdn-name argument is a case-sensitive string
of 1 to 255 characters, such as www.test.com.
key-id key-id-string: Uses the device's key ID as the local ID. The key-id-string argument is a
case-sensitive string of 1 to 255 characters, and is usually a vendor-specific string for doing
proprietary types of identification.
Usage guidelines
Peers exchange local IDs for identifying each other in negotiation.
Examples
# Create an IKEv2 profile named profile1.
<Sysname> system-view
[Sysname] ikev2 profile profile1
# Use the IP address 2.2.2.2 as the local ID.
[Sysname-ikev2-profile-profile1] identity local address 2.2.2.2
Related commands
peer
New command: ikev2 address-group
Use ikev2 address-group to configure an IKEv2 IPv4 address pool for assigning IPv4 addresses to
remote peers.
Use undo ikev2 address-group to delete an IKEv2 IPv4 address pool.
Syntax
ikev2 address-group group-name start-ipv4-address end-ipv4-address [ mask | mask-length ]
undo ikev2 address-group group-name
To Next Page
Loading...
Need help?
General
