dn

Function

The dn command configures a distinguished name (DN) for a digital certificate of an allowed IKE peer.

The undo dn command deletes the DN of a digital certificate of an allowed IKE peer.

By default, no DN is configured for an allowed IKE peer.

This command is supported only on the NetEngine 8000 F1A.

Format

dn dn

undo dn dn

Parameters

Parameter	Description	Value
dn	Specifies a DN of an entity.	The value is a string of 1 to 255 case-sensitive characters. The string does not contain question marks or spaces. The string can contain spaces if it is enclosed with double quotation marks (").

Parameter

Description

Value

Specifies a DN of an entity.

The value is a string of 1 to 255 case-sensitive characters. The string does not contain question marks or spaces. The string can contain spaces if it is enclosed with double quotation marks (").

Views

IKE peer filter set view

Default Level

2: Configuration level

Task Name and Operations

Task Name	Operations
ike	write

Usage Guidelines

To configure a DN for a digital certificate of an allowed IKE peer, run the dn command. The configured DN helps a local device filter access IKE peers. If a DN inconsistency occurs, IKE peer negotiation fails.

Example

# Set the DN to admin for an allowed IKE peer.

<HUAWEI> system-view
[~HUAWEI] ike identity identity1
[*HUAWEI-ike-identity-identity1] dn admin