Ike Identity - HP 5920 Command Reference Manual

Usage guidelines
DPD is triggered periodically or on-demand. The on-demand mode is recommended when the device
communicates with a large number of IKE peers. For an earlier detection of dead peers, use the
periodical triggering mode, which consumes more bandwidth and CPU.
When DPD settings are configured in both IKE profile view and system view, the DPD settings in IKE
profile view apply. If DPD is not configured in IKE profile view, the DPD settings in system view apply.
It is a good practice to set the triggering interval longer than the retry interval so that a DPD detection
does not occur during a DPD retry.
Examples
# Configure DPD to be triggered every 10 seconds and every 5 seconds between retries if the peer does
not respond.
<Sysname> system-view
[Sysname] ike dpd interval 10 retry 5 on-demand
Related commands
dpd

ike identity

Use ike identity to specify the global identity used by the local during IKE negotiations.
Use undo ike identity to remove the configuration and restore the default.
Syntax
ike identity { address { ipv4-address | ipv6 ipv6-address } | dn | fqdn [ fqdn-name ] | user-fqdn
[ user-fqdn-name ] }
undo ike identity
Default
By default, the IP address of the interface where the IPsec policy or IPsec policy template applies is used
for the IKE identity.
Views
System view
Predefined user roles
network-admin
Parameters
address { ipv4-address | ipv6 ipv6-address }: Uses an IPv4 or IPv6 address as the identity.
dn: Uses the DN in the digital signature as the identity.
fqdn fqdn-name: Uses the FQDN name as the identity. The fqdn-name argument is a case-sensitive string
of 1 to 255 characters, for example, www.test.com. If you do not specify this argument, the device name
configured by using the sysname command is used as the local FQDN.
378