Remote Identifier [remoteid]
Chapter 4
Configuration via the Command Line Interface
This parameter identifies the remote Security Gateway during the Phase 1 negotiation. This identity must match the settings in the remote Security Gateway in order to successfully set up the IKE Security Association. The identity types supported in the SpeedTouch™ are listed in the following table.
Identity type | Keyword | Examples | |
|
|
| |
|
| 10.0.0.1 | |
IP address | (addr) | 0.0.0.0 (any IP address | |
|
| accepted) | |
|
|
| |
Fully qualified domain name | (fqdn) | sales.corporate.net | |
|
|
| |
User fully qualified domain | (userfqdn) | john.doe@corporate.net | |
name | *.corporate.net | ||
| |||
|
|
| |
Distinguished name | (dn) | dc=corpor,uid=user | |
|
|
| |
Key identity | (keyid) | cisid | |
|
|
| |
any | (any) |
| |
|
|
|
In order to make the configuration of a VPN server independent of the number of VPN clients, wildcards can be used in the userfqdn, as shown in the table above. For example, *.corporate.net will match with any
The use of wildcards allows simultaneous connections with multiple VPN clients, derived from a single peer profile.
121 | |
|
