Enabling the cookie challenging feature
Enable cookie challenging on responders to protect them against DoS attacks that use a large number of source IP addresses to forge IKE_SA_INIT requests.
To enable cookie challenging:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable cookie challenging. | ikev2 cookie-challenge number | By default, IKEv2 cookie challenging is disabled.. |