ike-peer

Function

The ike-peer command sets the IKE peer in the IPSec policy.

The undo ike-peer command restores the default setting.

By default, the IKE peer is not set for the policy.

This command is supported only on the NetEngine 8000 F1A.

Format

ike-peer peer-name

undo ike-peer peer-name

Parameters

Parameter Description Value
peer-name

Indicates the name of the IKE peer.

It is a string of 1 to 15 case sensitive characters.

Views

IPsec profile view, IPsec policy template view, ISAKMP IPsec policy view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
ike write

Usage Guidelines

This command is only used for the SA setup in the isakmp mode.

You are recommended to configure the range of the remote address of the IKE peer in an IPSec policy template.

After an IPSec policy is applied to an interface, you cannot run the ike-peer command to modify the IKE peer quoted by the IPSec policy. After an IPSec policy template is quoted by an IPSec policy, you cannot run the ike-peer command to modify the IKE peer quoted by the IPSec policy template.

Example

# Set the IKE peer peer1 in the IPsec policy policy1.
<HUAWEI> system-view
[~HUAWEI] ike proposal 20
[*HUAWEI-ike-proposal-20] authentication-method pre-share
[*HUAWEI-ike-proposal-20] authentication-algorithm sha2-256
[*HUAWEI-ike-proposal-20] dh group14
[*HUAWEI-ike-proposal-20] quit
[*HUAWEI] commit
[~HUAWEI] ike peer peer1
[*HUAWEI-ike-peer-peer1] ike-proposal 20
[*HUAWEI-ike-peer-peer1] pre-shared-key abcde
[*HUAWEI-ike-peer-peer1] quit
[~HUAWEI] ipsec policy policy1 1 isakmp
[*HUAWEI-ipsec-policy-isakmp-policy1-1] ike-peer peer1
Parent Topic: IPSec Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >