Enabling the cookie challenging feature

Enable cookie challenging on responders to protect them against DoS attacks that use a large number of source IP addresses to forge IKE_SA_INIT requests.

1. Enter system view.

   system-view

2. Enable IKEv2 cookie challenging.

   ikev2 cookie-challenge number

   By default, IKEv2 cookie challenging is disabled.