identity

Use identity to specify the ID of an IKEv2 peer.

Use undo identity to restore the default.

Syntax

identity { address { ipv4-address | ipv6 { ipv6-address } } | fqdn fqdn-name | email email-string | key-id key-id-string }

undo identity

Default

The IKEv2 peer's ID is not specified.

Views

IKEv2 peer view

Predefined user roles

network-admin

mdc-admin

Parameters

ipv4-address: Specifies the IPv4 address of the peer.

ipv6 ipv6-address: Specifies the IPv6 address of the peer.

fqdn fqdn-name: Specifies the FQDN of the peer. The fqdn-name argument is a case-sensitive string of 1 to 255 characters, such as www.test.com.

email email-string: Specifies the email address of the peer. The email-string argument is a case-sensitive string of 1 to 255 characters in the format defined by RFC 822, such as esec@test.com.

key-id key-id-string: Specifies the remote gateway's key ID. The key-id-string argument is a case-sensitive string of 1 to 255 characters, and is usually a vendor-specific string for doing proprietary types of identification.

Usage guidelines

Only the responder can look up an IKEv2 peer by ID in IKEv2 negotiation. The initiator does not know the peer ID when initiating the IKEv2 negotiation, so it cannot use an ID for IKEv2 peer lookup.

Examples

# Create an IKEv2 keychain named key1.

<Sysname> system-view
[Sysname] ikev2 keychain key1

# Create an IKEv2 peer named peer1.

[Sysname-ikev2-keychain-key1] peer peer1

# Specify IPv4 address 1.1.1.2 as the ID of the IKEv2 peer.

[Sysname-ikev2-keychain-key1-peer-peer1] identity address 1.1.1.2

Related commands

ikev2 keychain

peer