To disable sending, use the no form of this command.Ĭonfig-exchange Įnables configuration exchange request set options.Īccepts configuration exchange request set.Įnables sending of configuration exchange set. To enable the configuration exchange options, use the config-exchange command in IKEv2 profile configuration mode. The remote authentication method that use keyring if-ipsec256-ikev2-keyring. In the above example, the profile if-ipsec256-ikev2-profile specifies preshare as the local authentication method and as
NAME MANGLER ADVANCED EXAMPLES HOW TO
The following example shows how to specify an authentication method in an IKEv2 profile:ĭevice(config)# crypto ikev2 profile if-ipsec256-ikev2-profileĭevice(config-ikev2-profile)# aaa authorization group psk list default li_policyĭevice(config-ikev2-profile)# authentication local pre-shareĭevice(config-ikev2-profile)# authentication remote pre-shareĭevice(config-ikev2-profile)# no config-exchange requestĭevice(config-ikev2-profile)# keyring local if-ipsec256-ikev2-keyringĭevice(config-ikev2-profile)# lifetime 86400ĭevice(config-ikev2-profile)# match identity remote address 172.16.93.2 IKEv2 profile configuration (crypto-ikev2-profile)įor usage guidelines, see the Cisco IOS XE authentication (IKEv2 profile) command. The default local and remote authentication method is not configured. Specifies the remote authentication method. Specifies Extensible Authentication Protocol (EAP) as the authentication method. Specifies Elliptic Curve Digital Signature Algorithm (ECDSA) signature (ECDSA-sig) as the authentication method. Specifies preshared key as the authentication method. Specifies Rivest, Shamir, and Adelman (RSA) signature as the authentication method. Specifies the local authentication method. To delete the authentication method, use the To specify the local and remote authentication methods in an Internet Key Exchange Version 2 (IKEv2) profile, use theĪuthentication command in IKEv2 profile configuration mode. Router(config-ikev2-keyring-peer)# pre-shared-key cisco123 authentication (IKEv2 profile) Router(config-ikev2-keyring)# peer if-ipsec256-ikev2-keyring-peer Router(config)# crypto ikev2 keyring if-ipsec256-ikev2-keyring The following examples show how to specify the preshared key of an IP Security (IPsec) peer: IKEv2 keyring peer configuration (config-ikev2-keyring-peer)įor usage guidelines, see the Cisco IOS XE address (IKEv2 keyring) command. To remove the IP address, use the no form of this command. To specify an IPv4 address or the range of the peer in an Internet Key Exchange Version 2 (IKEv2) keyring, use the address command in IKEv2 keyring peer configuration mode. Router(config-ikev2-profile)# aaa authorization group psk list default li_policy address (IKEv2 keyring) Router(config)# crypto ikev2 profile if-ipsec256-ikev2-profile The following example shows how to configure the AAA authorization for a local group policy. IKEv2 profile configuration (config-ikev2-profile) Command HistoryĬommand qualified for use in Cisco vManage CLI templates.įor usage guidelines, see the Cisco IOS XE aaa authorization (IKEv2 profile) command. Password-Specifies an unencrypted user password.
NAME MANGLER ADVANCED EXAMPLES PASSWORD
This password argument defines the following values:Ġ-Specifies that the password is unencrypted.Ħ-Specifies that the password is encrypted. Specifies the AAA method list for the remote authentication method. Specifies the AAA method list that is used when the remote authentication method is preshared key. Specifies the AAA method list that is used when the remote authentication method is Extensible Authentication Protocol (EAP). Specifies the AAA method list that is used when the remote authentication method is certificate based. Specifies the AAA authorization for each user policy. (Optional) Specifies the authorization policy that is used through a local method. Specifies the AAA authorization for local or external group policy. To remove the AAA authorization, use the no form of this command. The aaa authorization command in IKEv2 profile configuration mode. To specify the authentication, authorization, and accounting (AAA) authorization for a local or external group policy, use set security-association replay window-size.Commands Qualified in Cisco IOS XE Release 17.x.
0 kommentar(er)
