Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document.
Note: Even the most advanced machine translation cannot match the quality of professional translators.
Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
dn
Function
The dn command specifies the distinguished name (DN) of an allowed peer for IKE negotiation.
The undo dn command deletes the DN of an allowed peer.
By default, no DN of allowed peer for IKE negotiation is configured.
Usage Guidelines
Usage Scenario
You can run this command to specify an allowed peer based on the DN (PKI domain configuration referenced in the IKE peer configured on a remote device) in the identity filter set for IKE negotiation.
Precautions
An IPSec tunnel can be established only when the remote end matches one or more parameters in the identity filter set and the IPSec negotiation parameters at both ends are consistent.
If you run this command in the same view multiple times, the latest configuration does not override earlier ones.
Related Topics
