This is the documentation for the 19.02 version. Looking for the documentation of the latest version? Have a look here.
In IKE, each party must be sure that it is communicating with the correct
peer. One aspect of this validation is the
identity. Each router will tell
the other its own local identity and then validate it against the stored remote
identity. If they do not match, the peer is rejected.
tnsr(config-ipsec-crypto-ike)# identity local tnsr(config-ike-identity)# type address tnsr(config-ike-identity)# value 203.0.113.2 tnsr(config-ike-identity)# exit
When configuring the identity, both the local and remote are required by IKE.
First, specify the local identity with
identity local. This switches TNSR to
IKE identity mode. In this mode, the identity
type and a valid corresponding
value for that type.must be set.
TNSR supports several identity types, to see a full list, enter
type ? from
IKE identity mode.
The identity type and value must both be supplied to the administrator of the other router so they can properly identify this endpoint.
tnsr(config-ipsec-crypto-ike)# identity remote tnsr(config-ike-identity)# type address tnsr(config-ike-identity)# value 203.0.113.25 tnsr(config-ike-identity)# exit
remote identity is configured in the same manner as the local identity,
but using the type and value supplied by the administrator of the remote