Table of Contents
Advertisement
Default
No inside VPN instance is specified. The internal and external networks are in the same VPN
instance. The device forwards protected data to this VPN instance.
Views
IKEv2 profile view
Predefined user roles
network-admin
Parameters
: Specifies the VPN instance to which the protected data belongs. The
vrf-name
argument represents the VPN instance name, a case-sensitive string of 1 to 31 characters.
Usage guidelines
This command determines where the device should forward received IPsec packets after it
de-encapsulates them. If you configure this command, the device looks for a route in the specified
VPN instance to forward the packets. If you do not configure this command, the internal and external
networks are in the same VPN instance. The device looks for a route in this VPN instance to forward
the packets.
Examples
# Create an IKEv2 profile named profile1.
<Sysname> system-view
[Sysname] ikev2 profile profile1
# Specify inside VPN instance vpn1.
[Sysname-ikev2-profile-profile1] inside-vrf vpn1
integrity
Use
integrity
Use
undo integrity
Syntax
integrity { aes-xcbc-mac | md5 | sha1 | sha256 | sha384 | sha512 } *
undo integrity
Default
No integrity protection algorithm is specified for an IKEv2 proposal.
Views
IKEv2 proposal view
Predefined user roles
network-admin
Parameters
aes-xcbc-mac
keyword is available only for IKEv2.
: Specifies the HMAC-MD5 algorithm.
md5
: Specifies the HMAC-SHA1 algorithm.
sha1
: Specifies the HMAC-SHA256 algorithm.
sha256
to specify integrity protection algorithms for an IKEv2 proposal.
to restore the default.
: Specifies the HMAC-AES-XCBC-96 algorithm, which uses a 128-bit key. This
28
vrf-name
Advertisement
Chapters
Table of Contents
