| Attributes |
ConnectionType
restricted |
-
connectionType
=
BOTH
-
Connection type of the IKEv2 session.
|
ManagedObject[0..1]
restricted |
-
credential
-
Reference to the managed element own credential to be used in IKEv2 negotiation.
Valid reference is a NodeCredential in Certificate Management Branch.
If credential and trustCategory are not specified, then preshared key-based authentication is selected. The referring Ikev2Session instances must have preshared keys installed.
|
uint32
restricted |
-
dpdKeepAliveInterval
=
30
-
The keep alive interval with which INFORMATIONAL exchanges are sent to the peer.
Unit: 1 secs
|
Identity[0..1]
restricted |
-
identityLocal
-
Local identity.
If the local identity is not configured, it is automatically configured in the system as follows:
a) In case of certificate based authentication, the local identity is set to the same value as specified by the subject alt name in the certificate that the node use.
b) In case of preshared key-based authentication, the local identity is set to the local IP address of the tunnel.
|
uint32
restricted |
-
ikeSaLifetime
=
180
-
Lifetime for IKE SA.
Unit: 1 mins
|
string
key
mandatory
noNotification
restricted |
-
ikev2PolicyProfileId
-
Value component of the RDN.
|
Ikev2Proposal[1..] nonUnique ordered
mandatory
restricted |
-
ikev2Proposal
-
Ordered list of IKE proposals to be used for IKE SA negotiation.
At least one IKE proposal must be specified. The first one in the list has the highest priority.
|
ManagedObject[0..1]
restricted |
-
trustCategory
-
Reference to a trusted certificates group.
Valid reference is TrustCategory in Certificate Management Branch.
If credential and trustCategory are not specified, then pre-shared key based authentication is selected. The referring Ikev2Session instances have to have pre-shared keys installed.
|
string[0..1]
restricted |
-
userLabel
-
Label for free use.
|