R2511-HP MSR Router Series Security Command Reference(V5)
302
# Use the plaintext pre-shard key 111-key for both certificate signing and certificate
authentication.
[Sysname-ikev2-keyring-keyr1-peer-peer1] pre-shared-key simple 111-key
[Sysname-ikev2-keyring-keyr1-peer-peer1] quit
# Create an IKEv2 peer named peer2.
[Sysname-ikev2-keyring-keyr1] peer peer2
# Use the plaintext pre-shard key 111-key-a for certificate signing and 111-key-b for certificate
authentication.
[Sysname-ikev2-keyring-keyr1-peer-peer2] pre-shared-key local simple 111-key-a
[Sysname-ikev2-keyring-keyr1-peer-peer2] pre-shared-key remote simple 111-key-b
• On a responder :
# Create an IKEv2 keyring named telecom.
<Sysname> system-view
[Sysname] ikev2 keyring telecom
# Create an IKEv2 peer named peer1.
[Sysname-ikev2-keyring-telecom] peer peer1
# Use the plaintext pre-shard key 111-key for both certificate signing and certificate
authentication.
[Sysname-ikev2-keyring-telecom-peer-peer1] pre-shared-key simple 111-key
[Sysname-ikev2-keyring-telecom-peer-peer1] quit
# Create an IKEv2 peer named peer2.
[Sysname-ikev2-keyring-telecom] peer peer2
# Use the plaintext pre-shard key 111-key-b for certificate signing and 111-key-a for certificate
authentication.
[Sysname-ikev2-keyring-telecom-peer-peer2] pre-shared-key local simple 111-key-b
[Sysname-ikev2-keyring-telecom-peer-peer2] pre-shared-key remote simple 111-key-a
Related commands
peer (IKEv2 keyring view)
prf (IKEv2 proposal view)
Use prf to specify pseudo-random function (PRF) algorithms for an IKEv2 proposal.
Use undo prf to restore the default.
Syntax
prf { aes-xcbc-mac| md5 | sha1 | sha2-256 } *
undo prf
Default
An IKEv2 proposal has no PRF algorithm.
Views
IKEv2 proposal view
Default command level
2: System level