No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

AR500, AR510, and AR530 V200R007

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
peer-id-type

peer-id-type

Function

The peer-id-type command sets the type of the remote ID used in IKE negotiation.

The undo peer-id-type command cancels the remote ID type.

By default, no remote ID type is set.

Format

peer-id-type { dn | ip | name| user-fqdn }

undo peer-id-type

Parameters

Parameter

Description

Value

dn

Uses the distinguished name (DN) as the remote ID.

-

ip

Uses the IP address of the remote end as the remote ID.

-

name

Uses the host name of the remote end as the remote ID.

-

user-fqdn

Uses the user domain name of the remote end as the remote ID.

-

Views

IKE peer view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

In the IKE peer, the local end checks whether its remote ID matches the local ID of the remote end.

  • When peer-id-type dn is used, the remote DN is used for IKE negotiation.

    When peer-id-type dn is used, RSA signature authentication is used. That is, rsa-signature in the authentication-method command of the referenced IKE proposal must be specified.

  • When peer-id-type ip is used, the remote IP address is used for IKE negotiation.

  • When peer-id-type name is used, the remote name is used for IKE negotiation.

  • When peer-id-type user-fqdn is used, the user domain name is used for IKE negotiation.

    This parameter is used when the device sets up an IPSec tunnel with a PC or another device.

Precautions

The peer-id-type command is valid only when IKEv2 is used.

In IKEv2, local-id-type at the local end must match peer-id-type at the remote end. In IKEv1, local-id-type at the local end must match local-id-type at the remote end.

Example

# Set the remote ID type to name.

<Huawei> system-view
[Huawei] ike peer huawei v2
[Huawei-ike-peer-huawei] peer-id-type name
Translation
Download
Updated: 2019-02-18

Document ID: EDOC1000097293

Views: 36044

Downloads: 101

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next