remote ike-identity

Function

The remote ike-identity command specifies a filter set for allowed IKE peers.

The undo remote ike-identity command deletes a filter set for allowed IKE peers.

By default, no filter set is configured for allowed IKE peers.

This command is supported only on the NetEngine 8000 F1A.

Format

remote ike-identity name

undo remote ike-identity

Parameters

Parameter Description Value
name

Specifies the name of a filter set for IKE peers.

The value is a string of 1 to 15 case-insensitive characters.

Views

IPsec profile view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
ike write

Usage Guidelines

To specify a filter set for allowed IKE peers, run the remote ike-identity command. In IKE negotiation, a local device filters IKE peers based on the configured filter set. If an IKE peer does not meet the filter conditions, IKE negotiation fails.

Example

# Configure a filter set named identity1 used in IKE negotiation.
<HUAWEI> system-view
[~HUAWEI] ike identity identity1
[*HUAWEI-ike-identity-identity1] quit
[*HUAWEI] ipsec policy huawei profile
[*HUAWEI-ipsec-profile-huawei] remote ike-identity identity1
Parent Topic: IPSec Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >