R3303-HP HSR6800 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution

351

352

353

354

355

356

357

358

359

360

342

hostname: Specifies the host name of the IPsec remote security gateway, a case-insensitive string of 1 to

255 characters. The host name uniquely identifies the remote IPsec peer and can be resolved to an IP

address by the DNS server.

dynamic: Specifies to use dynamic address resolution for the IPsec remote peer name. If you do not

provide this keyword, the local end has the remote host name resolved only once after you configure the

remote host name.

low-ip-address: Specifies the IP address of the IPsec remote security gateway. It is the lowest address in

the address range if you want to specify a range of addresses.

high-ip-address: Specifies the highest address in the address range if you want to specify a range of

addresses.

Usage guidelines

The IP address configured with the remote-address command must match the local security gateway IP

address that the remote security gateway uses for IKE negotiation, which is the IP address configured with

the local-address command or, if the local-address command is not configured, the primary IP address

of the interface to which the policy is applied.

The local end can be the initiator of IKE negotiation if the remote address is a host IP address or a host

name. The local end can only be the responder of IKE negotiation if the remote address is an address

range that the local end can respond to.

If the IP address of the remote address changes frequently, configure the host name of the remote

gateway with the dynamic keyword so that the local end can use the up-to-date remote IP address to

initiate IKE negotiation.

Related commands

• id-type ip

• local-address

Examples

# Configure the IP address of the remote security gateway as 10.0.0.1.

<Sysname> system-view

[Sysname] ike peer peer1

[Sysname-ike-peer-peer1] remote-address 10.0.0.1

# Configure the host name of the remote gateway as test.com, and specify the local end to dynamically

update the remote IP address.

<Sysname> system-view

[Sysname] ike peer peer2

[Sysname-ike-peer-peer2] remote-address test.com dynamic

remote-name

Use remote-name to configure the name of the remote gateway.

Use undo remote-name to remove the configuration.

Syntax

remote-name name

undo remote-name