Nat-Keepalive - HP FlexNetwork MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (392 pages) ,
- Configuration manuals (159 pages)
Advertisement
Default
The IKEv2 profile belongs to the public network.
Views
IKEv2 profile view
Predefined user roles
network-admin
Parameters
name vrf-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.
any: Specifies the public network and all VPN instances.
Usage guidelines
If an IKEv2 profile belongs to a VPN instance, only interfaces in the VPN instance can use the IKEv2
profile for IKEv2 negotiation. The VPN instance is the VPN instance to which the interface that
receives IKEv2 packets belongs. If you specify the any keyword, interfaces in any VPN instance can
use the IKEv2 profile for IKEv2 negotiation.
Examples
# Create an IKEv2 profile named profile1.
<Sysname> system-view
[Sysname] ikev2 profile profile1
# Specify vrf1 as the VPN instance that the IKEv2 profile belongs to.
[Sysname-ikev2-profile-profile1] match vrf name vrf1
Related commands
match remote
nat-keepalive
Use nat-keepalive to set the NAT keepalive interval.
Use ikev2 nat-keepalive to restore the default.
Syntax
nat-keepalive seconds
undo nat-keepalive
Default
The NAT keepalive interval set in system view is used.
Views
IKEv2 profile view
Predefined user roles
network-admin
Parameters
seconds: Specifies the NAT keepalive interval in seconds, in the range of 5 to 3600.
Usage guidelines
This command takes effect when the device resides in the private network behind a NAT device. The
device must send NAT keepalive packets regularly to its peer to keep the NAT session alive, so that
the peer can access the device.
586
Advertisement
