[x]

Configuring an IKE profile > Configuring the local ID for the IKE profile

 

 Next

Configuring the local ID for the IKE profile

Restrictions and guidelines

For digital signature authentication, the device can use an ID of any type. If the local ID is an IP address that is different from the IP address in the local certificate, the device uses the FQDN (the device name configured by using the sysname command) instead.

For pre-shared key authentication, the device can use an ID of any type other than the DN.

Procedure

  1. Enter system view.

    system-view

  2. Enter IKE profile view.

    ike profile profile-name

  3. Configure the local ID.

    local-identity { address { ipv4-address | ipv6 ipv6-address } | dn | fqdn [ fqdn-name ] | user-fqdn [ user-fqdn-name ] }

    By default, no local ID is configured for an IKE profile, and an IKE profile uses the local ID configured in system view. If the local ID is not configured in system view, the IKE profile uses the IP address of the interface to which the IPsec policy or IPsec policy template is applied as the local ID.

prev

 

up

 next

Specifying IKE proposals for the IKE profile 

home

 Specifying an inside VPN instance for the IKE profile

© Copyright 2017 Hewlett Packard Enterprise Development LP