110
Related commands
display ikev2 policy
match vrf
New command: match remote
Use match remote to configure a peer ID that an IKEv2 profile matches.
Use undo match remote to delete a peer ID that an IKEv2 profile matches.
Syntax
match remote { certificate policy-name | identity { address { { ipv4-address [ mask | mask-length ]
| range low-ipv4-address high-ipv4-address } | ipv6 { ipv6-address [ prefix-length ] | range
low-ipv6-address high-ipv6-address } } | fqdn fqdn-name | email email-string | key-id key-id-string } }
undo match remote { certificate policy-name | identity { address { { ipv4-address [ mask
|mask-length ] | range low-ipv4-address high-ipv4-address } | ipv6 { ipv6-address [ prefix-length ] |
range low-ipv6-address high-ipv6-address } } | fqdn fqdn-name | email email-string | key-id
key-id-string } }
Default
No matching peer ID is configured for an IKEv2 profile.
Views
IKEv2 profile view
Predefined user roles
network-admin
Parameters
certificate policy-name: Uses the information in the peer's digital certificate as the peer ID for IKEv2
profile matching. The policy-name argument specifies a certificate-based access control policy by its
name, a case-insensitive string of 1 to 31 characters.
identity: Uses the specified information as the peer ID for IKEv2 profile matching. The specified
information is configured on the peer by using the identity local command.
address ipv4-address [ mask | mask-length ]: Uses an IPv4 host address or an IPv4 subnet
address as the peer ID for IKEv2 profile matching. The value range for the mask-length
argument is 0 to 32.
address range low-ipv4-address high-ipv4-address: Uses a range of IPv4 addresses as the
peer ID for IKEv2 profile matching. The end address must be higher than the start address.
address ipv6 ipv6-address [ prefix-length ]: Uses an IPv6 host address or an IPv6 subnet
address as the peer ID for IKEv2 profile matching. The value range for the prefix-length
argument is 0 to 128.
address ipv6 range low-ipv6-address high-ipv6-address: Uses a range of IPv6 addresses as
the peer ID for IKEv2 profile matching. The end address must be higher than the start address.
To Next Page
Loading...
Need help?
General
