R2511-HP MSR Router Series Security Command Reference(V5)
281
# Configure the host name test for the peer.
[Sysname-ikev2-keyring-keyr1-peer-peer1] hostname test
Related commands
peer (IKEv2 keyring view)
identity (IKEv2 peer view)
Use identity to specify an ID for an IKEv2 peer. When working as an IKEv2 negotiation responder, the
device uses this information to identify an IKEv2 peer and search for the pre-shared key. When initiating
an IKEv2 negotiation, the initiator does not know the ID of a peer.
Use undo identity to delete the ID.
Syntax
identity { address { ipv4-address | ipv6 ipv6-address } | email email-string | fqdn fqdn-name | key-id
key-id }
undo identity { address { ipv4-address | ipv6 ipv6-address } | email email-string | fqdn name | key-id
key-id }
Default
An IKEv2 peer has no ID.
Views
IKEv2 peer view
Default command level
2: System level
Parameters
address { ipv4-address | ipv6 ipv6-address }: Uses an IP address as the ID of the peer.
email email-string: Uses an email address as the ID of the peer. The email-string argument is a
case-sensitive string of 1 to 255 characters in the format defined by RFC 822, such as sec@abc.com.
fqdn fqdn-name: Uses a fully-qualified domain name (FQDN) as the ID of the peer. The fqdn-name
argument is a case-sensitive string of 1 to 255 characters, such as www.test.com.
key-id key-id: Uses the remote gateway's key ID as the ID of the peer. The key-id argument is a
case-sensitive string of 1 to 255 characters, and is usually a vendor-specific string for doing proprietary
types of identification.
Usage guidelines
You must configure different identity information for different peers.
Examples
# Create an IKEv2 keyring named keyr1.
<Sysname> system-view
[Sysname] ikev2 keyring keyr1
# Create an IKEv2 peer named peer1.
[Sysname-ikev2-keyring-keyr1] peer peer1
# Configure FQDN www.test.com as the ID of the peer.
[Sysname-ikev2-keyring-keyr1-peer-peer1] identity fqdn www.test.com