display ikev2 profile
Use display ikev2 profile to display the IKEv2 profile configuration.
Syntax
display ikev2 profile [ profile-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
profile-name: Specifies an IKEv2 profile by its name, a case-insensitive string of 1 to 63 characters. If you do not specify an IKEv2 profile, this command displays the configuration of all IKEv2 profiles.
Examples
# Display the configuration of all IKEv2 profiles.
<Sysname> display ikev2 profile
IKEv2 profile: 1
Priority: 100
Match criteria:
Local address 1.1.1.1
Local address Vlan-interface100
Local address 1:1::1:1
Remote identity ipv4 address 3.3.3.3/32
VRF vrf1
Inside-vrf:
Local identity: address 1.1.1.1
Local authentication method: pre-share
Remote authentication methods: pre-share
Keychain: Keychain1
Sign certificate domain:
Domain1
abc
Verify certificate domain:
Domain2
yy
SA duration: 500
DPD: Interval 32, retry 23, periodic
Config exchange: Request, Set send, Set accept
NAT keepalive: 10
Table 51: Command output
Field | Description |
|---|---|
IKEv2 profile | Name of the IKEv2 profile. |
Priority | Priority of the IKEv2 profile. |
Match criteria | Criteria for looking up the IKEv2 profile. |
Inside-vrf | Inside VRF instance. |
Local identity | ID of the local end. |
Local authentication method | Method that the local end uses for authentication. |
Remote authentication methods | Methods that the remote end uses for authentication. |
Keychain | IKEv2 keychain that the IKEv2 profile uses. |
Sign certificate domain | PKI domain used for signature generation. |
Verify certificate domain | PKI domain used for verifying the remote end's certificate. |
SA duration | Lifetime of the IKEv2 SA. |
DPD | DPD settings:
If DPD is disabled, this field displays Disabled. |
Config exchange | Configuration exchange settings:
|
NAT keepalive | NAT keepalive interval in seconds. |
Related commands
ikev2 profile