[x]

IKE configuration commands > remote-address

 

 Next

remote-address

Syntax

remote-address { hostname [ dynamic ] | low-ip-address [ high-ip-address ] }

undo remote-address

View

IKE peer view

Default level

2: System level

Parameters

hostname: Host name of the IPsec remote security gateway, a case-insensitive string of 1 to 255 characters. The host name uniquely identifies the remote IPsec peer and can be resolved to an IP address by the DNS server.

dynamic: Specifies to use dynamic address resolution for the IPsec remote peer name. If you do not provide this keyword, the local peer has the remote host name resolved only once after you configure the remote host name.

low-ip-address: IP address of the IPsec remote security gateway. It is the lowest address in the address range if you want to specify a range of addresses.

high-ip-address: Highest address in the address range if you want to specify a range of addresses.

Description

Use the remote-address command to configure the IP address of the IPsec remote security gateway.

Use the undo remote-address command to remove the configuration.

The IP address configured with the remote-address command must match the local security gateway IP address that the remote security gateway uses for IKE negotiation, which is the IP address configured with the local-address command or, if the local-address command is not configured, the primary IP address of the interface to which the policy is applied.

The local peer can be the initiator of IKE negotiation if the remote address is a host IP address or a host name. The local end can only be the responder of IKE negotiation if the remote address is an address range that the local peer can respond to.

If the IP address of the remote address changes frequently, configure the host name of the remote gateway with the dynamic keyword so that the local peer can use the up-to-date remote IP address to initiate IKE negotiation.

Related commands: id-type ip and local-address.

Examples

# Configure the IP address of the remote security gateway as 10.0.0.1. 

<Sysname> system-view
[Sysname] ike peer peer1
[Sysname-ike-peer-peer1] remote-address 10.0.0.1

# Configure the host name of the remote gateway as test.com, and specify the local peer to dynamically update the remote IP address.

<Sysname> system-view
[Sysname] ike peer peer2
[Sysname-ike-peer-peer2] remote-address test.com dynamic

prev

 

up

 next

proposal (IKE peer view) 

home

 remote-name

© Copyright 2016 Hewlett Packard Enterprise Development LP