remote-identity
Syntax
remote-identity { distinguished-name { container container-string; wildcard wildcard-string; } hostname hostname; inet ip-address; inet6 ipv6-address; key-id; user-at-hostname e-mail-address; }
Hierarchy Level
[edit security ike gateway gateway-name]
Description
Specify the remote IKE identity to exchange with the destination peer to establish communication. If you do not configure a remote-identity, the device uses the IPv4 or IPv6 address corresponding to the remote endpoint by default.
For Network Address Translation Traversal (NAT-T), both remote identity and local identity must be configured.
Options
distinguished-name
—Specify identity as the distinguished name (DN) from the certificate. If there is more than one certificate on the device, use thesecurity
ike gateway
gateway-name
policy
policy-name
certificate local-certificate
certificate-id
.Optional container and wildcard strings can be specified:
container container-string
—Specify a string for the container.wildcard wildcard-string
—Specify a string for the wildcard.
hostname
hostname
—Specify identity as a fully qualified domain name (FQDN).inet
ip-address
—Specify identity as an IPv4 address.inet6
ipv6-address
—Specify identity as an IPv6 address.key-id
string-key-id
—Specify the key ID in ASCII sring.user-at-hostname
e-mail-address
—Specify identity as an e-mail address.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 11.4.