[x]

Configuring an IKEv2 profile > Configuring the local ID for the IKEv2 profile

 

 Next

Configuring the local ID for the IKEv2 profile

Restrictions and guidelines

For digital signature authentication, the device can use an ID of any type. If the local ID is an IP address that is different from the IP address in the local certificate, the device uses the FQDN as the local ID. The FQDN is the device name configured by using the sysname command.

For pre-shared key authentication, the device can use an ID of any type other than the DN.

Procedure

  1. Enter system view.

    system-view

  2. Enter IKEv2 profile view.

    ikev2 profile profile-name

  3. Configure the local ID.

    identity local { address { ipv4-address | ipv6 ipv6-address } | dn | email email-string | fqdn fqdn-name | key-id key-id-string }

    By default, no local ID is configured, and the device uses the IP address of the interface where the IPsec policy applies as the local ID.

prev

 

up

 next

Configuring the IKEv2 keychain or PKI domain 

home

 Configuring peer IDs for the IKEv2 profile

© Copyright 2017 Hewlett Packard Enterprise Development LP