Ikev2 Profile - HP FlexNetwork MSR Series Command Reference Manual

Parameters
policy-name: Specifies a name for the IKEv2 policy. The policy name is a case-insensitive string of 1
to 63 characters.
Usage guidelines
Each end must have an IKEv2 policy for the IKE_SA_INIT exchange. The initiator looks up an IKEv2
policy by the IP address of the interface to which the IPsec policy is applied and the VPN instance to
which the interface belongs. The responder looks up an IKEv2 policy by the IP address of the
interface that receives the IKEv2 packet and the VPN instance to which the interface belongs. An
IKEv2 policy uses IKEv2 proposals to define the encryption algorithms, integrity protection
algorithms, PRF algorithms, and DH groups to be used for negotiation.
You can configure multiple IKEv2 policies. An IKEv2 policy must have a minimum of one IKEv2
proposal. Otherwise, the policy is incomplete.
If the initiator uses an IPsec policy that is bound to a source interface, the initiator looks up an IKEv2
policy by the IP address of the source interface.
You can set priorities to adjust the match order of IKEv2 policies that have the same match criteria.
If no IKEv2 policy is configured, the default IKEv2 policy is used. You cannot enter the view of the
default IKEv2 policy, nor modify it.
Examples
# Create an IKEv2 policy named policy1 and enter IKEv2 policy view.
<Sysname> system-view
[Sysname] ikev2 policy policy1
[Sysname-ikev2-policy-policy1]
Related commands
display ikev2 policy

ikev2 profile

Use ikev2 profile to create an IKEv2 profile and enter its view, or enter the view of an existing IKEv2
profile.
Use undo ikev2 profile to delete an IKEv2 profile.
Syntax
ikev2 profile profile-name
undo ikev2 profile profile-name
Default
No IKEv2 profiles exist.
Views
System view
Predefined user roles
network-admin
Parameters
profile-name: Specifies a name for the IKEv2 profile. The profile name is a case-insensitive string of
1 to 63 characters.
577