Use config-exchange to enable configuration exchange.

Use undo config-exchange to disable configuration exchange.


config-exchange { request | set { accept | send } }

undo config-exchange { request | set { accept | send } }


Configuration exchange is disabled.


IKEv2 profile view

Predefined user roles




request: Enables the device to send request messages carrying the configuration request payload during the IKE_AUTH exchange.

set: Specifies the configuration set payload exchange.

accept: Enables the device to accept the configuration set payload carried in Info messages.

send: Enables the device to send Info messages carrying the configuration set payload.

Usage guidelines

The configuration exchange feature enables the local and remote ends to exchange configuration data, such as gateway address, internal IP address, and route. The exchange includes data request and response, and data push and response. The enterprise center can push IP addresses to branches. The branches can request IP addresses, but the requested IP addresses cannot be used.

You can specify both request and set for the device.

If you specify request for the local end, the remote end will respond if it can obtain the requested data.

If you specify set send for the local end, you must specify set accept for the remote end.

The device with set send specified pushes an IP address after the IKEv2 SA is set up if it does not receive any configuration request from the peer.


# Create an IKEv2 profile named profile1.

<Sysname> system-view
[Sysname] ikev2 profile profile1

# Enable the local end to add the configuration request payload to the request message of IKE_AUTH exchange.

[Sysname-ikev2-profile-profile1] config-exchange request

Related commands

display ikev2 profile