Configuring IKEv2 address pools
To perform centralized management on remote users, an IPsec gateway can use an address pool to assign private IP addresses to remote users.
You must use an IKEv2 address pool together with AAA authorization by specifying the IKEv2 address pool as an AAA authorization attribute. For more information about AAA authorization, see "Configuring AAA."
To configure IKEv2 address pools:
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Configure an IKEv2 IPv4 address pool. | ikev2 address-group group-name start-ipv4-address end-ipv4-address [ mask | mask-length ] | By default, no IKEv2 IPv4 address pool exists. |
3. Configure an IKEv2 IPv6 address pool. | ikev2 ipv6-address-group group-name prefix prefix/prefix-len assign-len assign-len | By default, no IKEv2 IPv6 address pool exists. |