[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
Overriding IPSec Local and Peer Identities for SA Negotiations
You can use the local ip identity and peer ip identity commands to override
the local and peer identities used for SA negotiations (respectively).
local
ip identity
- Use to override the local identity (phase 2 identity)
used for IPSec security association negotiations. For IPSec negotiations
to succeed, the local and peer identities at one end of the tunnel
must match the peer and local identities at the other end (respectively).
- Example
- host1(config-ipsec-tunnel-profile)#local ip
identity range 10.30.11.1 10.30.11.50
- Use the no version to restore
the default value, the internal IP address allocated for the subscriber.
- See local ip identity.
peer
ip identity
- Use to override the peer identity (phase 2 identity) used
for IPSec security association negotiations. For IPSec negotiations
to succeed, the local and peer identities at one end of the tunnel
must match the peer and local identities at the other end (respectively).
- Example
- host1(config-ipsec-tunnel-profile)#peer ip
identity address 10.227.1.2
- Use the no version to restore
the default value, the internal IP address allocated for the subscriber.
- See peer ip identity.
[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
