Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

distinguished-name (Security)

 

Syntax

Hierarchy Level

Release Information

Statement introduced in Junos OS Release 8.5.

Description

Specify a distinguished name as the identifier for the remote gateway with a dynamic IP address.

Options

container-stringDN field and value to be matched. For example, cn=admin, ou=eng, o=example, dc=net. Specify one or more distinguished name (DN) field and value pairs that must match the DN in the VPN peer’s digital certificate. The order of the fields and their values must exactly match the DN in the peer’s digital certificate.

Add a space between each field and value pair. For example, edit security ike gateway jsr_gateway dynamic distinguished-name container o=example, dc=net.

wildcard-stringDN field and value pairs to be matched. For example, cn=admin, ou=eng, o=example, dc=net. Specify one or more distinguished name (DN) field and value pairs that must match the DN in the VPN peer’s digital certificate. The configured field and value must match the DN in the peer’s digital certificate but the order of the fields in the DN does not matter.

Add a space between each field and value pair. For example, edit security ike gateway jsr_gateway dynamic distinguished-name wildcard o=example, dc=net.

Starting in Junos OS Release 19.4R1, you can now configure only one dynamic DN attribute among container-string and wildcard-string at [edit security ike gateway gateway_name dynamic distinguished-name] hierarchy. If you try configuring the second attribute after you configure the first attribute, the first attribute is replaced with the second attribute. Before your upgrade your device, you must remove one of the attributes if you have configured both the attributes.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Related Documentation