HP 6125XLG R2306-HP 6125XLG Blade Switch Security Command Reference - Page 306

dn: Uses the DN in the local certificate as the local ID. fqdn fqdn-name: Uses an FQDN as the local ID. The fqdn-name argument is a case-sensitive string of 1 to 255 characters, such as www.test.com. If you do not specify this argument, the device name configured by using the sysname command is used as the local FQDN. user-fqdn user-fqdn-name: Uses a user FQDN as the local ID. The user-fqdn-name argument is a case-sensitive string of 1 to 255 characters, such as [email protected]. If you do not specify this argument, the device name configured by using the sysname command is used as the user FQDN. Usage guidelines An IKE profile can have only one local ID. For digital signature authentication, the device can use any type of ID. If the local ID is an IP address that is different from the IP address in the local certificate, the device uses its FQDN (the device name configured by using the sysname command) instead. For pre-shared key authentication, the device can use any type of ID other than the DN. An IKE profile with no local ID specified uses the local ID configured by using the ike identity command in system view. Examples # Create IKE profile prof1. system-view [Sysname] ike profile prof1 # Set the local ID to IP address 2.2.2.2. [Sysname-ike-profile-prof1] local-identity address 2.2.2.2 Related commands • match remote • ike identity match local address (IKE keychain view) Use match local address to specify a local interface or IP address that an IKE keychain can be applied to. Use undo match local address to restore the default. Syntax match local address { interface-type interface-number | { ipv4-address | ipv6 ipv6-address } [ vpn-instance vpn-name ] } undo match local address Default An IKE keychain can be applied to any local interface or IP address. Views IKE keychain view Predefined user roles network-admin 297