TMS zl Management and Configuration Guide ST.1.1.100226
A-120
Command-Line Reference
IKEv1 Context
For example:
ProCurve(tms-module-<slot ID>:ikev1)# authentication
exchange-mode main method preshared-key
Preshared Key:**********
Confirm Preshared Key:**********
identities
To configure the local ID that the TMS zl Module sends to authenticate itself
and the remote ID that the remote gateway or clients sends to authenticate,
type the following command:
Syntax: identities local type <local ID> remote <remote ID>
For <local ID> and <remote ID> specify one of the options shown in
Table A-37. The local ID must match exactly (in both type and value) the
remote ID configured on the remote endpoint and vice versa. You can include
wildcards for the remote ID, which helps the policy to match multiple remote
clients.
Note When you use certificates for IKEv1 authentication, you must match local and
remote IDs to subject names in the module’s and remote endpoints’ certifi-
cates.
Table A-37. Local and Remote IDs
Command Option Purpose Format Wildcards for Remote IDs
ip-addr <IP address> Specifies an IP address for the
ID.
This value must be the IP
address for the module
interface that handles
incoming VPN traffic (also set
as the local gateway address).
A.B.C.D
Example: 192.168.1.100
0.0.0.0
domain-name <domain
name>
Specifies an FQDN for the ID. <name.domainname>
Example: tms.procurve.com
<domainname>
Example: procurve.com
email-addr <email
address>
Specifies an email address for
the ID (does not need to be a
real email address).
<name>@<domainname>
Example: tms@procurve.com
*@<domainname>
Example: *@procurve.com
distinguished-name
<distinguished name>
Specifies a distinguished
name for the ID.
/CN=<commonname>
Example: /CN=TMSzl-C,C=US,
S=CA,L=Roseville,O=ProCurv
e,OU=EngTesting
•/CN=*
•/*
Example: /CN=*,C=US,
S=CA,L=Roseville,O=ProCurv
e,OU=EngTesting