HP ProCurve 7102dl Reference Manual page 1269
Secure router sros command line interface
Hide thumbs
Also See for ProCurve 7102dl:
- Configuration manual (1114 pages) ,
- Product end-of-life disassembly instructions (2 pages) ,
- Advanced management and configuration manual (1005 pages)
Table of Contents
Advertisement
SROS Command Line Interface Reference Guide
local-id [address | asn1-dn | fqdn | user-fqdn] <ipaddress or name>
Use the local-id command to set the local ID for the IKE policy. This setting overrides the system local ID
setting (set in the Global configuration mode using the crypto ike local-id address command).
Syntax Description
address <ipaddress>
asn1-dn <name>
fqdn <name>
user-fqdn <name>
Default Values
By default, the local ID is not defined.
Functional Notes
The local ID for a particular IKE policy can be set in two ways. The first (default) method is to use the global
system command:
ProCurve(config)#crypto ike local-id address
This command, which by default is executed on start-up, makes the local ID of an IKE policy equal to the IPv4
address of the interface on which an IKE negotiation is occurring. This is particularly useful for products that
could have multiple public interfaces.
The second method is to use the IKE policy command:
ProCurve(config-ike)#local-id [address | fqdn | user-fqdn] <ipaddress or fqdn>
This policy-specific command allows you to manually set the local ID for an IKE policy on a per-policy basis. You
can use both methods simultaneously in the product. Several IKE policies can be created, some of which use
the default system setting of the IPv4 address of the public interface. Others can be set to override this system
setting and manually configure a local ID specific to those policies. When a new IKE policy is created, they
default to no local-id. This allows the system local ID setting to be applied to the policy.
Usage Examples
The following example sets the local ID of this IKE policy to the IPv4 address 172.17.45.57:
ProCurve(config-ike)#local-id address 172.17.45.57
5991-2114
Specifies a remote ID of IPv4 type.
Specifies an Abstract Syntax Notation Distinguished Name as the remote ID
(enter this value in LDAP format).
Specifies a fully qualified domain name as the remote ID.
Specifies a user fully qualified domain name or email address (e.g.,
user1@hp.com) as the remote ID.
© Copyright 2007 Hewlett-Packard Development Company, L.P.
IKE Policy Command Set
1267
Advertisement
Chapters
Table of Contents
