Manualshelf

R2511-HP MSR Router Series Security Command Reference(V5)

ManualsBrandsHP ManualsNetwork HardwareHP MSR1003-8 AC Router
291292293294295296297298299300
282
Related commands
peer (IKEv2 keyring view)
identity local
Use identity local to configure the local identity information. The device uses this information as its own
ID during the IKE_AUTH exchange.
Use undo identity local to delete the local identity information.
Syntax
identity local { address { ipv4-address | ipv6 ipv6-address } | dn | email email-string | fqdn fqdn-name
| key-id key-id }
undo identity local { address { ipv4-address | ipv6 ipv6-address } | dn | email email-string | fqdn
fqdn-name | key-id key-id }
Default
No local identity information is configured.
Views
IKEv2 profile view
Default command level
2: System level
Parameters
address { ipv4-address | ipv6 ipv6-address }: Uses an IP address as the local ID.
dn: Uses the distinguished name (DN) as the local ID.
email email-string: Uses an email address as the local ID. The email-string argument is a case-sensitive
string of 1 to 255 characters in the format defined by RFC 822, such as esec@test.com.
fqdn fqdn-name: Uses a FQDN as the local ID. The fqdn-name argument is a case-sensitive string of 1
to 255 characters, such as www.test.com.
key-id key-id: Uses the local gateway's key ID as the local ID. The key-id argument is a case-sensitive
string of 1 to 255 characters, and is usually a vendor-specific string for doing proprietary types of
identification.
Usage guidelines
You can use this command repeatedly to configure multiple local IDs.
With the RSA digital signature authentication method, you can configure any type of identity information.
With the pre-shared key authentication method, you cannot configure a DN as the identity information.
The local identity information configured on an initiator by this command must match the remote identify
information configured on the responder by using the match identity remote command to search for an
IKEv2 profile.
Examples
# Create an IKEv2 profile named profile1.
<Sysname> system-view
[Sysname] ikev2 profile profile1
# Use IP address 2.2.2.2 as the local ID.