Id-Type - HPE FlexNetwork HSR6800 Security Command Reference
Hide thumbs
Also See for FlexNetwork HSR6800:
- Configuration manual (503 pages) ,
- Command reference manual (153 pages) ,
- Product end-of-life disassembly instructions (2 pages)
Table of Contents
Advertisement
Views
IKE peer view
Default command level
2: System level
Parameters
aggressive: Specifies the aggressive mode. This keyword is not available in FIPS mode.
main: Specifies the main mode.
Usage guidelines
When the user (for example, a dial-up user) at the remote end of an IPsec tunnel obtains an IP
address automatically and pre-shared key authentication is used, Hewlett Packard Enterprise
recommends setting the IKE negotiation mode to aggressive at the local end.
Examples
# Specify that IKE negotiation operates in main mode.
<Sysname> system-view
[Sysname] ike peer peer1
[Sysname-ike-peer-peer1] exchange-mode main
Related commands
id-type
id-type
Use id-type to select the type of the ID for IKE negotiation.
Use undo id-type to restore the default.
Syntax
id-type { ip | name | user-fqdn }
undo id-type
Default
The ID type is IP address.
Views
IKE peer view
Default command level
2: System level
Parameters
ip: Uses an IP address as the ID during IKE negotiation.
name: Uses a name of the Fully Qualified Domain Name (FQDN) type as the ID during IKE
negotiation.
user-fqdn: Uses a name of the user FQDN type as the ID during IKE negotiation.
Usage guidelines
In main mode, only the ID type of IP address can be used in IKE negotiation and SA creation. In
aggressive mode, either type can be used.
313
Advertisement
Table of Contents
