AR1220 as core node whose ike peer did not configure remote-address cannot add ipsec policy, How does AR1220 configure aggressive IPsec at the moment?
AR1220 as core node whose ike peer did not configure remote-address,it will report as follows when add ike peer in ipsec policy.
error: no remote address configured for the ike peer.
But embranchment node address is not fixed,can associate name only, cannot associate address, it can be configured as follows:
ike local-name abc
ike proposal 1
ike peer abc v1
ipsec proposal ipsec_pro
ipsec policy-template use1 10
ipsec policy policy1 10 isakmp template use1
interface gigabitethernet 0/0/1
ip address 188.8.131.52 255.255.255.0
ipsec policy policy1
it not need to specify remote address in ike peer, add one policy-template to associate ike-peer, associate policy-template in policy.
Whole configuration for core node and embranchment node can reference the attachment.