display ikev2 profile
Use display ikev2 profile to display the IKEv2 profile configuration.
Syntax
display ikev2 profile [ profile-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
profile-name: Specifies an IKEv2 profile by its name, a case-insensitive string of 1 to 63 characters. If you do not specify an IKEv2 profile, this command displays the configuration of all IKEv2 profiles.
Examples
# Display the configuration of all IKEv2 profiles.
<Sysname> display ikev2 profile IKEv2 profile: 1 Priority: 100 Match criteria: Local address 1.1.1.1 Local address Vlan-interface100 Local address 1:1::1:1 Remote identity ipv4 address 3.3.3.3/32 VRF vrf1 Inside-vrf: Local identity: address 1.1.1.1 Local authentication method: pre-share Remote authentication methods: pre-share Keychain: Keychain1 Sign certificate domain: Domain1 abc Verify certificate domain: Domain2 yy SA duration: 500 DPD: Interval 32, retry 23, periodic Config exchange: Request, Set send, Set accept NAT keepalive: 10
Table 51: Command output
Field | Description |
---|---|
IKEv2 profile | Name of the IKEv2 profile. |
Priority | Priority of the IKEv2 profile. |
Match criteria | Criteria for looking up the IKEv2 profile. |
Inside-vrf | Inside VRF instance. |
Local identity | ID of the local end. |
Local authentication method | Method that the local end uses for authentication. |
Remote authentication methods | Methods that the remote end uses for authentication. |
Keychain | IKEv2 keychain that the IKEv2 profile uses. |
Sign certificate domain | PKI domain used for signature generation. |
Verify certificate domain | PKI domain used for verifying the remote end's certificate. |
SA duration | Lifetime of the IKEv2 SA. |
DPD | DPD settings:
If DPD is disabled, this field displays Disabled. |
Config exchange | Configuration exchange settings:
|
NAT keepalive | NAT keepalive interval in seconds. |
Related commands
ikev2 profile